Actively Exploited High Impact DoS Vulnerability Found in Cisco ASA and FTD

[silversurfer]

Cisco just disclosed an actively exploited denial of service (DoS) vulnerability in the Session Initiation Protocol (SIP) inspection engine of their Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software.

The security issue could allow potential remote and unauthenticated attackers to "cause an affected device to reload or trigger high CPU, resulting in a denial of service (DoS) condition."

As detailed by Cisco in their advisory, the security issue lies in the way Session Initiation Protocol traffic is improperly handled, making it possible for an adversary to send maliciously crafted SIP requests designed to trigger this specific vulnerability at high rates across affected devices.
This DoS vulnerability (CVE-2018-15454) affects Cisco ASA Software Release 9.4 and later and Cisco FTD Software Release 6.0 and later according to Cisco, if SIP inspection is enabled.

Source: https://news.softpedia.com/news/high-imp...3546.shtml