Zero-Day Vulnerability in Cisco Products Could Cause DoS Condition
NJCCIC Alert
Original Release Date: 2018-11-13
Threat actors are exploiting a zero-day vulnerability in Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense software to cause a denial-of-service (DoS) condition by triggering a device reboot. The vulnerability is present in the Session Initiated Protocol (SIP) inspection engine turned on by default and can be triggered by sending SIP requests to the affected appliance. Exploiting the flaw can be done remotely and without authentication. While there are currently no software updates to address the vulnerability, there are multiple mitigation options.
The NJCCIC recommends reviewing the Cisco Security Advisory for more information, a list of vulnerable products, and available mitigation techniques.
Featured Content
- Pulse Connect Secure Vulnerabilities Are Actively Being Exploited>
- Phishing Campaigns Attempt to Steal Credentials for Cloud Services>
- Geico Hack Impacts Residents in 8 States>
- SonicWall Email Security Vulnerabilities Are Actively Being Exploited>
- New Critical Vulnerabilities in On-Premises Microsoft Exchange Servers>
- Threat Actors Abuse Contact Forms in Recent Malware Campaigns>
- Google Chrome Vulnerabilities Exploited in the Wild – Patch Now>
- Increase in Ransomware Attacks Targeting Education Sector>
The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.
View our Privacy Policy here.
View our Site Index here.