Cisco’s FirePower firewall line receives security update

Cisco's recently launched line of FirePower firewall products are receiving a free “high severity” security update to fix a critical vulnerability that enables attackers to surreptitiously inject malware onto critical systems, according to a Cisco advisory.

The software bug, addressed with update CVE-2016-1345, doesn't properly validate fields in HTTP headers, which could allow an unauthenticated remote attacker to send a crafted HTTP request that could evade detection or could halt policies setup on the system.

The flaw also affects Snort, a Cisco-owned open source network-based intrusion detection system. If Snort source code is compiled with the “enable-file-inspect configuration flag,” then the system is also vulnerable to the malware exploit, Cisco said.

There are no workarounds that address this vulnerability, Cisco said.

In the past month, the  San Jose, Calif.-based networking equipment firm has released advisories on 30 vulnerabilities – one critical, 16 high severity and 13 medium severity. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.