Denial of service in Cisco Firepower 9000 Series



Published: 2019-02-22
Risk: Medium
Patch available: yes
Number of vulnerabilities: 1
CVE-ID: CVE-2019-1700
CWE-ID: CWE-20
Exploitation vector: Local network
Public exploit: N/A
Vulnerable software: Firepower 9000 Series (Hardware solutions / Firmware)

Vendor: Cisco Systems, Inc.

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Input validation error

EUVDB-ID: #VU17846

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-1700

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows an adjacent attacker to perform a denial of service (DoS) attack.

The vulnerability exists in the field-programmable gate array (FPGA) ingress buffer management because of a logic error in the FPGA's handling of different types of input packets. An adjacent attacker can send a specially crafted sequence of input packets to a specific interface on an affected device. A successful exploit causes a queue wedge condition on that interface, after which the affected device stops processing any further packets received on the wedged interface, a denial of service condition for traffic on that interface. No authentication or user interaction is required (PR:N, UI:N).
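The queue wedge failure mode described above, modelled in C as an added example. This is a constructed illustration of the general bug class (a consumer path that never returns a buffer descriptor, so the ring head stalls and every later frame arriving on the interface is lost); it is not Cisco's FPGA logic or code from the advisory, and the ring size, packet classes and traffic sequence are assumptions chosen to make the effect visible.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of an ingress descriptor ring (assumption, not Cisco's design). */
#define RING_SLOTS 8u

enum pkt_type { PKT_DATA, PKT_CTRL, PKT_UNEXPECTED }; /* assumed packet classes */

struct pkt {
    enum pkt_type type;
    unsigned len;
};

struct ingress_ring {
    struct pkt slots[RING_SLOTS];
    unsigned head;      /* next slot the consumer will look at */
    unsigned tail;      /* next slot the producer will fill */
    unsigned count;     /* occupied slots */
    unsigned processed; /* frames handed to the forwarding path */
    unsigned discarded; /* frames the consumer rejected and freed */
    unsigned dropped;   /* frames lost at the wire because the ring was full */
};

static void ring_init(struct ingress_ring *r) { memset(r, 0, sizeof *r); }

/* Producer side: a frame arriving on the wire takes the next free slot, or is lost. */
static bool ring_push(struct ingress_ring *r, const struct pkt *p)
{
    if (r->count == RING_SLOTS) {
        r->dropped++;
        return false;
    }
    r->slots[r->tail] = *p;
    r->tail = (r->tail + 1) % RING_SLOTS;
    r->count++;
    return true;
}

/* Return the head slot to the free pool so the producer can reuse it. */
static void ring_release(struct ingress_ring *r)
{
    r->head = (r->head + 1) % RING_SLOTS;
    r->count--;
}

/* Wedgeable consumer: the path for an unexpected packet class returns early
 * without releasing the descriptor. The head never advances, the ring fills
 * behind it, and every later frame on the interface is dropped. */
static bool consume_wedgeable(struct ingress_ring *r)
{
    if (r->count == 0)
        return false;
    const struct pkt *p = &r->slots[r->head];
    switch (p->type) {
    case PKT_DATA:
    case PKT_CTRL:
        r->processed++;
        ring_release(r);
        return true;
    default:
        return false; /* BUG: slot stays occupied, head does not move */
    }
}

/* Hardened consumer: every exit path releases the slot, so a frame the logic
 * cannot classify is counted and discarded instead of wedging the queue. */
static bool consume_hardened(struct ingress_ring *r)
{
    if (r->count == 0)
        return false;
    const struct pkt *p = &r->slots[r->head];
    if (p->type == PKT_DATA || p->type == PKT_CTRL)
        r->processed++;
    else
        r->discarded++;
    ring_release(r); /* single, unconditional release point */
    return true;
}

struct result { unsigned processed; unsigned discarded; unsigned dropped; };

/* Constructed traffic: benign frames, one crafted frame, then more benign frames
 * that should still be forwarded. The consumer runs once per arriving frame. */
static struct result run_sequence(bool (*consume)(struct ingress_ring *))
{
    struct ingress_ring r;
    const struct pkt benign = { PKT_DATA, 64 };
    const struct pkt crafted = { PKT_UNEXPECTED, 64 };
    ring_init(&r);
    for (int i = 0; i < 4; i++) { ring_push(&r, &benign); consume(&r); }
    ring_push(&r, &crafted);
    for (int i = 0; i < 20; i++) { ring_push(&r, &benign); consume(&r); }
    while (consume(&r)) { /* drain whatever the consumer can still process */ }
    return (struct result){ r.processed, r.discarded, r.dropped };
}

int main(void)
{
    struct result w = run_sequence(consume_wedgeable);
    struct result h = run_sequence(consume_hardened);
    printf("wedgeable: processed=%u discarded=%u dropped=%u\n", w.processed, w.discarded, w.dropped);
    printf("hardened:  processed=%u discarded=%u dropped=%u\n", h.processed, h.discarded, h.dropped);
    return 0;
}
```

With the wedgeable consumer a single unclassified frame at the head of the ring stops all forwarding on that interface and the 20 benign frames that follow are either stuck in the ring or dropped at the wire; with the hardened consumer the same frame is counted and freed and every benign frame is forwarded. The invariant to check in any ingress path, hardware or software, is that the descriptor is released on every exit, including the error and "unknown type" branches.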

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Firepower 9000 Series: 2.2.200.8

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-firpwr-dos


Q & A

Can this vulnerability be exploited remotely?

Yes, but only from an adjacent network. The attack vector is Adjacent (AV:A): an unauthenticated attacker who can deliver crafted packets directly to the affected interface, for example from the same local network segment, can trigger it; no credentials or user interaction are needed.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
