|Number of vulnerabilities||1|
|CVE ID|| CVE-2016-6366
|Public exploit||This vulnerability is being exploited in the wild.|
Cisco ASA 5500
Cisco ASA 5580
Cisco Catalyst 6500 Series ASA Services Module
Cisco ASA 5500-X Series
Cisco ASA 1000V Cloud Firewall
Cisco ASA Series
|Vulnerable software versions||
Cisco ASA 5500 7.2(5)
Cisco ASA 5500 8.0(5)
Cisco ASA 5500 8.2(x)
Cisco ASA 5500 8.3(x)
Cisco ASA 5500 8.4(x)
Cisco ASA 5580 8.1(2)
Cisco Catalyst 6500 Series ASA Services Module -
Cisco ASA 5500-X Series 8.6(x)
Cisco ASA 1000V Cloud Firewall 8.7(1)
Cisco ASA Series 9.0(x)
Cisco ASA Series 9.1(x)
Cisco ASA Series 9.2(x)
|Vendor URL||Cisco Systems, Inc|
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when handling SNMP packets. A remote attacker with knowledge of SNMP community string can cause buffer overflow and cause the target device to reload or execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in full compromise of affected system.
The following models of CISCO ASA appliances are affected:
Note: this is a zero-day vulnerability, discovered after security breach of The Equation Group. The exploit code for this vulnerability was publicly exposed and is referred as EXTRABACON Exploit.Remediation
Install patches from vendor's website.