On January 29th Cisco released a high-urgency security alert.
Firewalls, security appliances, and other devices configured with WebVPN clientless VPN software are vulnerable to an internet based attack that allows an attacker to gain full control of your cisco device.
The affected systems include:
* 3000 Series Industrial Security Appliance (ISA)
* ASA 5500 Series Adaptive Security Appliances
* ASA 5500-X Series Next-Generation Firewalls
* ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
* ASA 1000V Cloud Firewall
* Adaptive Security Virtual Appliance (ASAv)
* Firepower 2100 Series Security Appliance
* Firepower 4110 Security Appliance
* Firepower 4120 Security Appliance
* Firepower 4140 Security Appliance
* Firepower 4150 Security Appliance
* Firepower 9300 ASA Security Module
* Firepower Threat Defense Software (FTD)
* FTD Virtual
* 3000 Series Industrial Security Appliance (ISA)
* ASA 5500 Series Adaptive Security Appliances
* ASA 5500-X Series Next-Generation Firewalls
* ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
* ASA 1000V Cloud Firewall
* Adaptive Security Virtual Appliance (ASAv)
* Firepower 2100 Series Security Appliance
* Firepower 4110 Security Appliance
* Firepower 4120 Security Appliance
* Firepower 4140 Security Appliance
* Firepower 4150 Security Appliance
* Firepower 9300 ASA Security Module
* Firepower Threat Defense Software (FTD)
* FTD Virtual
If you’re using the WebVPN feature, attackers have access to your internal network. Fortunately none of our clients use any of these CISCO devices but if your business does, updates are required immediately.
Please give us a call if you need assistance with these updates.