Cisco released security updates for a “high”-rated vulnerability in its Adaptive Security Appliance Software and Firepower Threat Defense Software products that could allow a remote attacker to cause a denial-of-service condition.
The vulnerability, CVE-2019-1873, is in the cryptographic driver of the products, according to a July 10 security update.
The bug is due to incomplete input validation of a Secure Sockets Layer (SSL) or Transport Layer Security (TLS) ingress packet header and can be exploited by sending a crafted TLS/SSL packet to an interface on the targeted device.
An exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition.
Vulnerable products include the ASA 5506-X, ASA 5506-X with FirePOWER Services, ASA 5506H-X, ASA 5506H-X with FirePOWER Services, ASA 5506W-X, ASA 5506W-X with FirePOWER Services, ASA 5508-X, ASA 5508-X with FirePOWER Services, ASA 5516-X, and ASA 5516-X with FirePOWER Services.