Cisco Secure Firewall ASA and FTD Software Remote Access SSL VPN Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software. This vulnerability allows an unauthenticated, remote attacker to exhaust device memory, leading to a DoS condition that requires a manual reboot. The issue arises from insufficient validation of user input, enabling attackers to send crafted packets to the VPN server and disrupt normal device operations. Additionally, this vulnerability affects the management HTTP server and Mobile User Security (MUS) features if they are enabled.

Impact

Exploitation of this vulnerability causes the device to stop responding to new Remote Access SSL VPN connections and can temporarily disrupt the management interface, making it unresponsive.

Remediation

Cisco has released software updates to address this vulnerability. Instructions for upgrading Cisco Secure FTD devices are available in the Cisco Secure FMC upgrade guide. For Cisco Secure Firewall ASA, consult the Cisco Secure Firewall ASA Upgrade Guide and use the Cisco Software Checker tool to identify the first fixed release.

Added: Mar 4, 2026, 7:29 PM
Updated: Mar 4, 2026, 7:29 PM

Vulnerability Rating

Custom Algorithm
spread: 6.8
impact: 2.5
exploitability: 7.8
remediation: 0.0
relevance: 3.5
threat: 0.0
urgency: 2.9
incentive: 8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.