Cisco Confirms Critical Firewall Software Bug Is Under Attack

Attackers are trying to exploit a critical vulnerability in Cisco’s Adaptive Security Appliance firewall software, the company has confirmed.

Cisco has updated its advisory for the vulnerability, which was first revealed on Jan. 29 and has been logged as CVE-2018-0101, on Feb. 7. “The Cisco Product Security Incident Response Team (PSIRT) is aware of public knowledge of the vulnerability that is described in this advisory,” the update states. “Cisco PSIRT is aware of attempted malicious use of the vulnerability described in this advisory.”

The vulnerability received a Common Vulnerability Scoring System base score of 10.0, the highest possible. It was first discovered by Cedric Halbronn, a researcher with NCC Group.

Source: Threatpost