Cisco security devices vulnerability: Positive Technologies

Positive Technologies has discovered a vulnerability in the Cisco ASA (Adaptive Security Appliance) and Cisco FTD (Firepower Threat Defense) firewalls that can lead to denial of service.
The severity level of vulnerability CVE-2021-34704 was assessed as high (CVSSv3.0 score of 8.6), and users are recommended to install updates as soon as possible.

Cisco is an enterprise firewall market leader, according to Forrester Research, and more than 1 million Cisco security appliances are deployed throughout the world.

“If hackers disrupt the operation of Cisco ASA and Cisco FTD, a company will be left without a firewall and remote access (VPN). If the attack is successful, remote employees or partners will not be able to access the internal network of the organization, and access from the outside will be restricted,” Positive Technologies’ Nikita Abramov said.

To fix the vulnerability, follow the manufacturer’s recommendations outlined in the security advisory.

Positive Technologies has previously discovered vulnerabilities in Cisco Firepower Device Manager (FDM) On-Box and critical flaws in Cisco ASA, such as CVE-2020-3187, CVE-2020-3259, and CVE-2020-3452.

NTA/NDR solutions for traffic analysis, such as PT Network Attack Discovery, can help detect attempts to exploit vulnerabilities in Cisco firewalls.

One of the ways to detect signs of penetration is to use SIEM solutions (MaxPatrol SIEM), which help identify suspicious behavior and prevent intruders from moving laterally within the corporate network. Next-generation vulnerability management systems like MaxPatrol VM can also provide continuous monitoring of vulnerabilities within the infrastructure.