#VU54899 Reachable Assertion in Cisco Adaptive Security Appliance (ASA) - CVE-2021-1422

Cybersecurity Help s.r.o.

Published: 2021-07-15

Vulnerability identifier: #VU54899

Vulnerability risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-1422

CWE-ID: CWE-617

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco Adaptive Security Appliance (ASA)
Hardware solutions / Security hardware applicances

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to a logic error in how the software cryptography module handles specific types of decryption errors. A remote user can send malicious packets over an established IPsec connection and perform a denial of service attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Cisco Adaptive Security Appliance (ASA): 9.16.1

External links
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy66711

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Denial of service in Cisco Adaptive Security Appliance (ASA)