First published: Wed Oct 21 2020
A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

The vulnerability is due to incomplete input validation upon receiving ICMP packets. An attacker could exploit this vulnerability by sending a high number of crafted ICMP or ICMPv6 packets to an affected device. A successful exploit could allow the attacker to cause a memory exhaustion condition that may result in an unexpected reload. No manual intervention is needed to recover the device after the reload.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM

This advisory is part of the October 2020 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication, which includes 17 Cisco Security Advisories that describe 17 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: October 2020 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication.
Credit: This vulnerability was found by Santosh Krishnamurthy of Cisco during internal security testing.
Affected Software | Affected Version | How to fix
---|---|---
Cisco FTD Software | >= 6.3.0, <= 6.4.0, < 6.4.0.10 | 6.4.0.10
The vulnerability ID is cisco-sa-ftd-icmp-dos-hxxcycM.
The severity rating of the cisco-sa-ftd-icmp-dos-hxxcycM vulnerability is high (8.6).
The affected software for the cisco-sa-ftd-icmp-dos-hxxcycM vulnerability is Cisco Firepower Threat Defense (FTD) Software version 6.3.0 up to, but excluding, 6.4.0, and version 6.4.0.10 (inclusive).
An unauthenticated, remote attacker can exploit the cisco-sa-ftd-icmp-dos-hxxcycM vulnerability by sending specially crafted ICMP ingress packets to the affected device, causing a denial of service (DoS) condition.
Yes, Cisco has released a fix for the cisco-sa-ftd-icmp-dos-hxxcycM vulnerability. It is recommended to update to Cisco Firepower Threat Defense (FTD) Software version 6.4.0.10 or apply the necessary remediation as specified in the Cisco Security Advisory.