{"id":17714,"date":"2018-11-01T14:06:26","date_gmt":"2018-11-01T14:06:26","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/29470\/Cisco-Zero-Day-Exploited-In-The-Wild-To-Crash-And-Reload-Devices.html"},"modified":"2018-11-01T14:06:26","modified_gmt":"2018-11-01T14:06:26","slug":"cisco-zero-day-exploited-in-the-wild-to-crash-and-reload-devices","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/cisco-zero-day-exploited-in-the-wild-to-crash-and-reload-devices\/","title":{"rendered":"Cisco Zero-Day Exploited In The Wild To Crash And Reload Devices"},"content":{"rendered":"

\"cisco-asa.png\"\/<\/span>Image source: Cisco \/\/ Edited: ZDNet<\/span><\/p>\n

The Cisco security team has revealed earlier the existence of a zero-day vulnerability affecting products that run Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software.<\/p>\n

The vulnerability has been exploited in the wild, according to a security advisory<\/a> the company published a few hours ago. No patches are available at the time of writing.<\/p>\n

Cisco says it discovered the vulnerability, and the active attacks, while its staff was answering a support case.<\/p>\n

The vulnerability, which Cisco is tracking as CVE-2018-15454, resides in the Session Initiation Protocol (SIP) inspection engine of ASA and FTD software.<\/p>\n

Cisco says CVE-2018-15454 “could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU, resulting in a denial of service (DoS) condition.”<\/p>\n

Because SIP inspection is enabled by default in all ASA and FTD software packages, a large number of Cisco devices are believed to be vulnerable. Cisco has already confirmed that the following products are affected if they run ASA 9.4 and later, or FTD 6.0 and later:<\/p>\n