Atomic Data has become aware of a critical vulnerability that may impact your firewall.  We would like to make sure all clients are aware of this issue, as well as suggested remediation strategies. 

Security Advisory Summary (2/10/2016)

(https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike)

Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability 

A vulnerability in Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.  The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system.

This vulnerability has been ranked as Critical, and malicious exploitation of this vulnerability has been identified.  Atomic Data recommends addressing this vulnerability as soon as possible.

Remediation strategies:

1.    Patch your firewall 

Cisco has released software updates that address this vulnerability. Please work with your Atomic Data Account Manager to schedule a brief but service impacting maintenance on your Cisco ASA firewall.  This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike

2.    Disable VPN services

If they are not actively used, vulnerable services may be disabled

3.    Restrict Access

If possible, create an Access Control List (ACL) specifying individual IP addresses that are able to access VPN

Please, contact the Atomic Data NOC right away if you would like any assistance with any of the above remediation strategies.

NEED HELP? CONTACT US