Security advisories

Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability

February 26, 2019 | 1 MIN READ

Speak With A Security Expert Now

TALK TO AN EXPERT

Dear Valued Customer,

Please be advised that there has been a critical vulnerability identified by Cisco that will require patching. eSentire recommends that this patching take place as soon as possible to ensure the integrity of your networks. Cisco hardware for eSentire services has not been identified as affected by this vulnerability.

The Vulnerability

A vulnerability in the Internet Key Exchange (IKE) version 1 (v1) and IKE version 2 (v2) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to obtain full administrative control of the device.

Affected Products

Cisco ASA Software running on the following products may be affected by this vulnerability:

The full Cisco Security Advisory can be found HERE

If your organization is currently running any of the affected products please proceed with patching as soon as possible. If you have any further questions please reach out to your Cisco Support representative.

Further Reading

National Vulnerability Database - Vulnerability Summary for CVE-2016-1287

Exodus Intelligence - Execute My Packet

View Most Recent Advisories