Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2023-20107 |
CWE-ID | CWE-320 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software |
Adaptive Security Appliance 5506-X - Hardware solutions / Firmware
Adaptive Security Appliance 5506H-X - Hardware solutions / Firmware
Adaptive Security Appliance 5506W-X - Hardware solutions / Firmware
Adaptive Security Appliance 5508-X - Hardware solutions / Firmware
Adaptive Security Appliance 5516-X - Hardware solutions / Firmware
Cisco Adaptive Security Appliance (ASA) - Hardware solutions / Security hardware appliances
Cisco Firepower Threat Defense (FTD) - Hardware solutions / Security hardware appliances
Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU73975
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2023-20107
CWE-ID: CWE-320 - Key Management Errors
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause a cryptographic collision.
The vulnerability exists due to insufficient entropy in the deterministic random bit generator (DRBG) for the affected hardware platforms when generating cryptographic keys. A remote attacker can generate a large number of cryptographic keys, discover the private key and decrypt traffic that is sent to or from the target device.
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
Adaptive Security Appliance 5506-X: All versions
Adaptive Security Appliance 5506H-X: All versions
Adaptive Security Appliance 5506W-X: All versions
Adaptive Security Appliance 5508-X: All versions
Adaptive Security Appliance 5516-X: All versions
Cisco Adaptive Security Appliance (ASA): before 9.12.1
Cisco Firepower Threat Defense (FTD): before 6.4.0
Q & A
Can this vulnerability be exploited remotely?
Is there known malware that exploits this vulnerability?