Security Alert: Cisco ASA SNMP Remote Code Execution Vulnerability (CVE-2016-6366)

Data Consult > ASA > Security Alert: Cisco ASA SNMP Remote Code Execution Vulnerability (CVE-2016-6366)
Security Alert: Cisco ASA SNMP Remote Code Execution Vulnerability (CVE-2016-6366)

Hello,

Very recently, a new security vulnerability affecting Cisco ASA & Firepower was discovered. Below are the short details:

Background:
A vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code area. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system. The attacker must know the SNMP community string to exploit this vulnerability.

Affected Products:

  • Cisco ASA 5500 Series Adaptive Security Appliances
  • Cisco ASA 5500-X Series Next-Generation Firewalls
  • Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • Cisco ASA 1000V Cloud Firewall
  • Cisco Adaptive Security Virtual Appliance (ASAv)
  • Cisco Firepower 4100 Series
  • Cisco Firepower 9300 ASA Security Module
  • Cisco Firepower Threat Defense Software
  • Cisco Firewall Services Module (FWSM)*
  • Cisco Industrial Security Appliance 3000
  • Cisco PIX Firewalls

IOS Fix:

Cisco ASA Major Release  First Fixed Release
 7.2 Affected; migrate to 9.1.7(9) or later
 8.0 Affected; migrate to 9.1.7(9) or later
8.1 Affected; migrate to 9.1.7(9) or later
8.2 Affected; migrate to 9.1.7(9) or later
8.3 Affected; migrate to 9.1.7(9) or later
8.4 Affected; migrate to 9.1.7(9) or later
8.5 Affected; migrate to 9.1.7(9) or later
8.6 Affected; migrate to 9.1.7(9) or later
8.7 Affected; migrate to 9.1.7(9) or later
9.0 9.0.4(40) ETA 8/25/2016
9.1 9.1.7(9)
9.2 9.2.4(14) ETA 8/25/2016
9.3 9.3.3(10) ETA 8/26/2016
9.4 9.4.3(8) ETA 8/26/2016
9.5 9.5(3)
9.6 9.6.1(11) / FTD 6.0.1(2)

For up-to-date details of the vulnerability, kindly check the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp

For more information or assistance in patching the above vulnerability, don’t hesitate to contact us through our call center on +961-1-511822.


Elie Bassil
linkedin.com/in/eliebassil

Related Posts

1 Response