Cisco has just published an advisory for a very serious vulnerability that exists with the Cisco ASA Security Appliances that could allow a hacker to reboot and modify the firewall configuration.
The list of devices affected are:
This is such a critical security issue that Cisco is making the security patch available to customers who DO NOT have a SmartNet Service Contract.
Below is an excerpt from Cisco:
Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco Technical Assistance Center (TAC):
Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.
For a detailed description of this critical vulnerability, please reference the following Cisco URL:
Please note that older Cisco ASA devices will also need to upgrade their Cisco ASA Software to the latest version. If your Cisco ASA Firewall is running 8.3 version or older, a complete reconfiguration of the firewall may be required.
If you need help upgrading your Cisco ASA software, please do not hesitate to contact Texas Systems Group. We are available to work with you to ensure your business’ security.