First published: Wed Aug 10 2022
A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography. An attacker could exploit this vulnerability by using a Lenstra side-channel attack against the targeted device. A successful exploit could allow the attacker to retrieve the RSA private key.
The following conditions may be observed on an affected device:
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz
Credit: Nadia Heninger, the University of California San Diego; George Sullivan, the University of California San Diego; Jackson Sippe, the University of Colorado Boulder; Eric Wustrow, the University of Colorado Boulder
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco ASA Software | =9.18 <9.18.2 | 9.18.2 |
Cisco ASA Software | =9.17 <9.17.1.13 | 9.17.1.13 |
Cisco ASA Software | =9.16 <9.16.3.19 | 9.16.3.19 |
Cisco FTD Software | >=7.0.0 <=7.1.0 <Cisco_FTD_Hotfix_P-7.1.0.2-2.sh.REL.tar, Cisco_FTD_SSP_FP1K_Hotfix_P-7.1.0.2-2.sh.REL.tar, Cisco_FTD_SSP_FP2K_Hotfix_P-7.1.0.2-2.sh.REL.tar, Cisco_FTD_SSP_Hotfix_P-7.1.0.2-2.sh.REL.tar, Cisco_FTD_SSP_FP3K_Hotfix_Q-7.1.0.3-2.sh.REL.tar | Cisco_FTD_Hotfix_P-7.1.0.2-2.sh.REL.tar, Cisco_FTD_SSP_FP1K_Hotfix_P-7.1.0.2-2.sh.REL.tar, Cisco_FTD_SSP_FP2K_Hotfix_P-7.1.0.2-2.sh.REL.tar, Cisco_FTD_SSP_Hotfix_P-7.1.0.2-2.sh.REL.tar, Cisco_FTD_SSP_FP3K_Hotfix_Q-7.1.0.3-2.sh.REL.tar |
The severity of cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz is high (7.4).
The affected software for cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz is Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software.
An unauthenticated, remote attacker can exploit cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz to retrieve an RSA private key.
The recommended solution for cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz is to upgrade to Cisco ASA Software version 9.18.2, 9.17.1.13, or 9.16.3.19, or apply the Cisco FTD Software hotfixes provided by Cisco.
You can find more information about cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz on the Cisco Security Advisory website.