cisco-sa-asaftd-mgcp-SUqB8VKH: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Media Gateway Control Protocol Denial of Service Vulnerabilities
First published: Wed May 06 2020(Updated: )
Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP) inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerabilities are due to inefficient memory management. An attacker could exploit these vulnerabilities by sending crafted MGCP packets through an affected device. An exploit could allow the attacker to cause memory exhaustion resulting in a restart of an affected device, causing a DoS condition for traffic traversing the device. Cisco has released software updates that address the vulnerabilities described in this advisory. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH This advisory is part of the May 2020 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 12 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: May 2020 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication.
Credit: These vulnerabilities were found during internal security testing.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco ASA | =9.12<9.12.2.1=9.10<9.10.1.27>=9.7=9.8<=9.9<9.9.2.66>=Earlier than 9.5=9.5<=9.6<9.6.4.34 | 9.12.2.1 9.10.1.27 9.9.2.66 9.6.4.34 |
| Cisco FTD Major | >=Earlier than 6.1.0=6.1.0=6.2.0=6.2.1=6.2.2<=6.2.3<6.2.3.16 (June 2020)Cisco_FTD_Hotfix_DT-6.2.3.16-3.sh.REL.tarCisco_FTD_SSP_FP2K_Hotfix_DT-6.2.3.16-3.sh.REL.tarCisco_FTD_SSP_Hotfix_DT-6.2.3.16-3.sh.REL.tar | 6.2.3.16 (June 2020)Cisco_FTD_Hotfix_DT-6.2.3.16-3.sh.REL.tarCisco_FTD_SSP_FP2K_Hotfix_DT-6.2.3.16-3.sh.REL.tarCisco_FTD_SSP_Hotfix_DT-6.2.3.16-3.sh.REL.tar |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-asaftd-mgcp-SUqB8VKH?
The severity of cisco-sa-asaftd-mgcp-SUqB8VKH is significant, as it could allow remote attackers to cause a denial of service.
How do I fix cisco-sa-asaftd-mgcp-SUqB8VKH?
To fix cisco-sa-asaftd-mgcp-SUqB8VKH, update to the appropriate Cisco ASA or FTD software version listed in the advisory.
Which systems are affected by cisco-sa-asaftd-mgcp-SUqB8VKH?
cisco-sa-asaftd-mgcp-SUqB8VKH affects multiple versions of Cisco ASA and Cisco FTD software.
Can an unauthenticated user exploit cisco-sa-asaftd-mgcp-SUqB8VKH?
Yes, an unauthenticated remote attacker can exploit cisco-sa-asaftd-mgcp-SUqB8VKH to create a denial of service condition.
What are the risks of not addressing cisco-sa-asaftd-mgcp-SUqB8VKH?
Not addressing cisco-sa-asaftd-mgcp-SUqB8VKH may lead to service interruption and potential downtime.
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/author
- agent/title
- agent/weakness
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/cisco-advisory
- source/Cisco
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco asa
- version/cisco asa/9.12
- version/cisco asa/9.10
- version/cisco asa/9.7
- version/cisco asa/9.8
- version/cisco asa/9.9
- version/cisco asa/earlier than 9.5
- version/cisco asa/9.5
- version/cisco asa/9.6
- canonical/cisco ftd major
- version/cisco ftd major/earlier than 6.1.0
- version/cisco ftd major/6.1.0
- version/cisco ftd major/6.2.0
- version/cisco ftd major/6.2.1
- version/cisco ftd major/6.2.2
- version/cisco ftd major/6.2.3