Cisco Secure Firewall OSPF Memory Corruption Vulnerability Leading to Denial-of-Service

Vulnerability

A vulnerability exists in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software. This vulnerability allows an unauthenticated, adjacent attacker to corrupt memory on an affected device, causing it to reboot and resulting in a denial-of-service (DoS) condition. The issue arises from insufficient input validation when processing OSPF protocol packets. Exploitation involves sending crafted OSPF packets to the device.

Impact

Exploitation of this vulnerability leads to memory corruption, causing the affected device to reload unexpectedly and creating a DoS condition.

Remediation

Cisco has released software updates to address this vulnerability. Instructions for upgrading Cisco Secure Firewall ASA and FTD Software are available in the respective Cisco upgrade guides. For Cisco Secure Firewall ASA, consult the Compatibility and Upgrade Guide. For Cisco Secure FTD, refer to the Cisco Secure FMC Upgrade Guide.

Added: Mar 4, 2026, 7:25 PM
Updated: Mar 4, 2026, 7:25 PM

Vulnerability Rating

Custom Algorithm

spread: 6.8
impact: 2.5
exploitability: 4.9
remediation: 0.0
relevance: 3.5
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.