Cisco software flaw allows device takeover

Cisco networking devices running adaptive security appliance (ASA) software are vulnerable to a newly discovered flaw.

Threat: This software is found on networking devices that combine firewall, antivirus, intrusion prevention and virtual private network capabilities.

Damage risk: The remote code execution flaw would allow attackers to completely take over the devices.

Exploited flaw: CVE-2018-0101, a vulnerability that Cisco announced in late January, is vulnerable.

Fixes/Workarounds: Cisco issued a patch for the issue when it was initially announced. Since then, Cisco has released security updates with new patches, since the flaw is more widespread than the company originally believed.

Info: tinyurl.com/Cisco213