VPN vulnerability in Cisco ASA software used in the wild

[German]Cisco's ASA software has a critical bug in the VPN feature that is already exploited by hackers. There is a firmware update from Cisco which should be installed as soon as possible.


On January 29th 2018 Cisco released a Security Advisory for its Adaptive Security Appliance (ASA), see my article PSA: Vulnerabilities in Cisco products – updates required. On February 5, 2018 Cisco updated the advisory:

UPDATED 2/5/2018: After further investigation, Cisco has identified additional attack vectors and features that are affected by this vulnerability. In addition, it was also found that the original fix was incomplete so new fixed code versions are now available. Please see the Fixed Software section for more information..

Cisco has released revised software updates that are urgently needed. The following Cisco products are affected.

Cisco ASA
(Cisco ASA, Source: Cisco)

  • 3000 Series Industrial Security Appliance (ISA)
  • ASA 5500 Series Adaptive Security Appliances
  • ASA 5500-X Series Next-Generation Firewalls
  • ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • ASA 1000V Cloud Firewall
  • Adaptive Security Virtual Appliance (ASAv)
  • Firepower 2100 Series Security Appliance
  • Firepower 4110 Security Appliance
  • Firepower 4120 Security Appliance
  • Firepower 4140 Security Appliance
  • Firepower 4150 Security Appliance
  • Firepower 9300 ASA Security Module
  • Firepower Threat Defense Software (FTD)
  • FTD Virtual

The table below lists the features and vulnerable configuration, details may be found within this  Cisco document.

(Source: Cisco)


Bleeping Computer reports here, that hackers are abusing CVE-2018-0101 in Cisco ASA to overtake the devices.

Cookies helps to fund this blog: Cookie settings


This entry was posted in Security, Update and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *