Exploitation of Critical Cisco ASA Vulnerability
The ACSC has become aware of a change in the threat situation surrounding the recently announced Cisco ASA critical remote code execution vulnerability. Proof of concept code is now available which results in a denial of service condition on targeted vulnerable devices.
Cisco first released a security advisory on 29 January detailing the vulnerability and affected devices but has since identified additional attack vectors and released additional, more comprehensive patches.
Currently the proof of concept code only results in a denial of service condition. It is likely that this will develop into code that can achieve remote code execution. Cisco has already identified 'attempted malicious use of the vulnerability' in the wild although it is unknown whether this refers to witnessing remote code execution or a denial of service condition.
The ACSC recommends that organisations with affected devices patch as soon as possible.
Cisco ASA Security Advisory - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1