Cisco security appliances under attack, still no patch available


A vulnerability (CVE-2018-15454) affecting a slew Cisco security appliances, modules and firewalls is being exploited in the wild to crash and reload the devices, the company has warned on Thursday.


About CVE-2018-15454

The vulnerability is in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software, and allows unauthenticated, remote attackers to cause an affected device to reload or trigger high CPU, resulting in a DoS condition.

Read more…