Cisco recently released a collection of 10 security advisories against Cisco's Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC) software. The collection includes a few high-risk vulnerabilities that affect File Transfer Protocol (FTP) Inspection, Session Initiated Protocol (SIP) inspection that could lead to a denial-of-service condition. Importantly, Cisco is not aware of any public exploitation of the vulnerabilities.
Course of Action
Systems Engineering has determined that these vulnerabilities impact multiple customers. To avoid them from being exploited, the team is working to patch affected customer ASA and FTD firewalls who subscribe to the following services; EventWatch, Network Security, and IT Essentials. We are actively contacting covered customers to organize a convenient downtime window to patch affected firewalls.
For those using affected ASA and FTD firewalls and do not currently subscribe to one of our previously mentioned services, it is recommended you patch these vulnerabilities independently.
If you have any questions, please contact your Systems Engineering Account Manager.