Cisco Secure Firewall ASA and FTD Remote Access VPN Web Server Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the Remote Access SSL VPN service of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software. This vulnerability allows an authenticated, remote attacker to create or delete arbitrary files on the underlying operating system. Manipulation of critical system files could disrupt new and existing Remote Access SSL VPN sessions, causing a denial-of-service condition. Affected devices require a manual reboot to recover. The vulnerability arises from insufficient input validation in processing HTTP requests, enabling authenticated VPN users to exploit it by sending crafted HTTP requests to the device.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition on the Remote Access SSL VPN service, causing dropped sessions and denied new connections. Affected devices require a manual reboot to recover.

Remediation

Cisco has released free software updates to address this vulnerability. Customers with service contracts should obtain these updates through their usual channels. For instructions on upgrading Cisco Secure FTD devices, refer to the appropriate Cisco Secure FMC upgrade guide.

Added: Aug 14, 2025, 7:05 PM
Updated: Aug 14, 2025, 7:05 PM

Vulnerability Rating

Custom Algorithm
spread: 6.8
impact: 7.5
exploitability: 4.9
remediation: 7.7
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.