Cisco reveals critical flaw that leaves ASA firewalls open to attack

12 Feb 2016

The flaw lets hackers get past firewalls via VPNs

Networking giant Cisco has disclosed a critical vulnerability in its Adaptive Security Appliance (ASA) firewalls that could allow a remote attacker to breach the firewall through its virtual private network (VPN) functionality.

Cisco has rated the vulnerability at 10, the maximum score on the Common Vulnerability Scoring System (CVSS). A score at that level means the flaw can be triggered over the network without authentication and results in complete compromise of the device.

Cisco has released free software updates that address the vulnerability; details are in the company's security advisory.

The vulnerability lies in the ASA software itself, which runs on firewalls deployed by businesses all over the world.

Flaw allows hackers in via VPNs

The flaw lies in the Cisco ASA code that handles the Internet Key Exchange Version 1 (IKEv1) and IKE Version 2 (IKEv2) protocols. IKE is the key-negotiation protocol behind IPsec VPNs and listens on UDP ports 500 and 4500, so on any ASA that terminates VPNs it is, by design, reachable from the untrusted side of the firewall.
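Because the flawed code is only reached where IKEv1 or IKEv2 is enabled, the first thing an ASA administrator will want to know is which interfaces have IKE turned on. The script below is an added example, not code from the article or from Cisco: it scans an ASA running-config for the `crypto ikev1 enable <interface>` and `crypto ikev2 enable <interface>` lines and cross-references them with each interface's `security-level`, treating level 0 as the internet-facing side. The sample configuration embedded in it is constructed for illustration, and the "IKE enabled means exposed" reading is an assumption drawn from the article's description rather than from the advisory text.

```python
"""Flag IKE exposure in a Cisco ASA running-config.

Added example (not from the article or from Cisco). Assumption: the flawed
IKE code is reachable only on interfaces where IKEv1/IKEv2 is enabled, so
those interfaces are what an administrator needs to find and patch first.
"""
import re
from dataclasses import dataclass, field

# Constructed ASA running-config excerpt for illustration (not a real device).
SAMPLE_CONFIG = """\
hostname edge-asa
interface GigabitEthernet0/0
 nameif outside
 security-level 0
interface GigabitEthernet0/1
 nameif inside
 security-level 100
crypto ikev1 enable outside
crypto ikev1 policy 10
 authentication pre-share
crypto ikev2 enable outside
crypto ikev2 policy 1
crypto map outside_map interface outside
"""

# Real ASA syntax: "crypto ikev1 enable <nameif>" / "crypto ikev2 enable <nameif>".
IKE_ENABLE_RE = re.compile(r"^crypto\s+(ikev1|ikev2)\s+enable\s+(\S+)\s*$")
NAMEIF_RE = re.compile(r"^\s*nameif\s+(\S+)\s*$")
SECURITY_LEVEL_RE = re.compile(r"^\s*security-level\s+(\d+)\s*$")


@dataclass
class IkeExposure:
    """Which interfaces terminate IKE, and the security level of each interface."""
    enabled: dict = field(default_factory=dict)  # "ikev1"/"ikev2" -> set of nameifs
    levels: dict = field(default_factory=dict)   # nameif -> security-level

    def exposed_interfaces(self) -> set:
        """Every interface with IKEv1 or IKEv2 enabled."""
        return set().union(*self.enabled.values()) if self.enabled else set()

    def internet_facing(self) -> set:
        """IKE-enabled interfaces at security-level 0, i.e. the untrusted side."""
        return {i for i in self.exposed_interfaces() if self.levels.get(i) == 0}


def parse_ike_exposure(config: str) -> IkeExposure:
    """Walk the config once, tracking the current interface block for nameif/level."""
    result = IkeExposure()
    current_nameif = None
    for line in config.splitlines():
        m = NAMEIF_RE.match(line)
        if m:
            current_nameif = m.group(1)
            continue
        m = SECURITY_LEVEL_RE.match(line)
        if m and current_nameif:
            result.levels[current_nameif] = int(m.group(1))
            continue
        if not line.startswith(" "):
            current_nameif = None  # an unindented line ends the interface block
        m = IKE_ENABLE_RE.match(line)
        if m:
            result.enabled.setdefault(m.group(1), set()).add(m.group(2))
    return result


def is_affected(config: str) -> bool:
    """True if any interface has IKEv1 or IKEv2 enabled (assumed exposure condition)."""
    return bool(parse_ike_exposure(config).exposed_interfaces())


if __name__ == "__main__":
    report = parse_ike_exposure(SAMPLE_CONFIG)
    for version, ifaces in sorted(report.enabled.items()):
        print(f"{version}: enabled on {', '.join(sorted(ifaces))}")
    print("internet-facing IKE:", ", ".join(sorted(report.internet_facing())) or "none")
    print("affected:", is_affected(SAMPLE_CONFIG))
```

Run it against `show running-config` output saved to a file instead of the constructed sample; an ASA with no `crypto ikev1 enable` or `crypto ikev2 enable` line is reported as not affected, while one terminating VPNs on its `outside` interface is flagged as exposed on the untrusted side.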

“This could ultimately grant full control of an organisation’s entire network to an attacker on the internet,” warned Brendan Fay, head of information security practice at Ward Solutions.

“The vulnerability lies in the code of Cisco ASA software, which is used by countless organisations, and typically this VPN functionality would be enabled in such firewalls.

“A successful hacker could infiltrate the entire network of an organisation and commit fraud, steal sensitive personal and commercial information, access financial data, or use it as a base to attack other networks,” Fay warned.

Fay recommends that organisations that have been affected, or think they might be affected, contact their IT department or service provider to patch their firewall.

Fay said that any user of Cisco ASA software is at risk.


John Kennedy is a journalist who served as editor of Silicon Republic for 17 years