Cisco recently released a security advisory detailing a critical vulnerability in its Adaptive Security Appliance (ASA) software that, if exploited, could allow remote code execution and denial of service.
Cisco has also released software updates to address this vulnerability. If you are running a version of ASA software equal to or newer than 9.1, you should install the applicable patch for your specific version. ASA software releases prior to 9.1, including all 8.x releases, and ASA releases 9.3 and 9.5 have reached End of Software Maintenance, so no patch is available for these versions. To address this security vulnerability if your ASA is running one of these out-of-maintenance releases, you will need to migrate to a supported software release. Please note that this is dependent on your ASA hardware being able to support the newer software version.
CTComp customers with affected Cisco ASA firewalls who subscribe to our Managed Firewall service will have their security appliances updated with the latest Cisco software updates at no charge as part of their agreement. CTComp customers who do not subscribe to our Managed Firewall service but would like assistance in patching their Cisco ASA, should send an email to service@ctcomp.com to create a support ticket. Time to assess and update the Cisco ASA firewall(s) will be billed as needed.