Cisco Secure Firewall ASA and FTD Software Buffer Overflow Vulnerability via Web Services Interface

A buffer overflow vulnerability has been identified in the web services interface of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software. This vulnerability allows an unauthenticated, remote attacker to cause a denial-of-service condition by sending a crafted HTTP request to the affected system. The issue arises from insufficient boundary checks for specific data provided to the web services interface, leading to a buffer overflow that causes the system to reload.

Impact

Exploitation of this vulnerability causes a buffer overflow condition that leads to a denial-of-service condition, causing the system to reload.

Remediation

Cisco has released free software updates that address this vulnerability. Customers with service contracts should obtain these security fixes through their usual update channels. For instructions on upgrading Cisco Secure FTD devices, refer to the appropriate Cisco Secure FMC upgrade guide. Customers without service contracts should contact the Cisco Technical Assistance Center (TAC) for assistance.