Cisco addresses high-risk security vulnerabilities in various products

Cisco recently published security advisories for high-risk vulnerabilities affecting several of its products. The vulnerabilities are a denial-of-service flaw, CVE-2018-15454, and a remote code execution flaw, CVE-2018-16986.

CVE-2018-15454

A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload or to drive its CPU to very high utilization, resulting in a denial of service (DoS) condition.

The vulnerability is due to improper handling of SIP traffic. An attacker can trigger it by sending crafted SIP requests to a vulnerable device. SIP inspection is enabled by default in both ASA and FTD software, so a device is exposed unless SIP inspection has been explicitly disabled.

Affected products:

The vulnerability affects the following products when SIP inspection is enabled and they are running Cisco ASA Software release 9.4 or later, or Cisco FTD Software release 6.0 or later:

  • 3000 Series Industrial Security Appliances (ISA)
  • ASA 5500-X Series Next-Generation Firewalls
  • ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • Adaptive Security Virtual Appliance (ASAv)
  • Firepower 2100 Series Security Appliances
  • Firepower 4100 Series Security Appliances
  • Firepower 9300 ASA Security Module
  • Firepower Threat Defense Virtual (FTDv)

Solution:

Cisco has not released software updates that fix this vulnerability, but it has published the following four mitigations:

  • Disable SIP inspection
  • Block the offending host
  • Filter on the sent-by address 0.0.0.0 (the Via header of the crafted requests)
  • Rate-limit SIP traffic

Configuration details for each mitigation are given in the Workarounds section of the referenced Cisco advisory.
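The following ASA CLI fragment shows one way to apply each of the four mitigations. It is an added example written for this page, not the configuration from the Cisco advisory, and it assumes placeholder names and values: the policy-map SIP-VIA-FILTER, the regex VIAHEADER, the class-map and policy-map SIP-TRAFFIC and SIP-POLICE, the interface name outside, the attacker address 192.0.2.10 and the policing rate are all illustrative and must be adapted to the device.

```cisco
! Added example for this page, not the advisory's own configuration.
! Placeholder names/values: SIP-VIA-FILTER, VIAHEADER, SIP-TRAFFIC,
! SIP-POLICE, interface "outside", host 192.0.2.10, policing rate.

! Mitigation 1: disable SIP inspection in the default global policy.
! Removes the exposure entirely, but SIP NAT fix-ups and dynamic
! pinholes for RTP stop working, so SIP calls through the ASA may break.
policy-map global_policy
 class inspection_default
  no inspect sip

! Mitigation 2: block a host seen sending the crafted requests.
! shun drops all current and future packets from the address until
! "no shun" is issued; shun entries do not survive a reload.
shun 192.0.2.10

! Mitigation 3: keep SIP inspection, but drop requests whose Via
! (message-path) header carries the sent-by address 0.0.0.0.
! Dots are escaped so the regex matches the literal address only.
regex VIAHEADER "0\.0\.0\.0"
policy-map type inspect sip SIP-VIA-FILTER
 parameters
 match message-path regex VIAHEADER
  drop log
policy-map global_policy
 class inspection_default
  no inspect sip
  inspect sip SIP-VIA-FILTER

! Mitigation 4: rate-limit SIP traffic arriving on the outside
! interface (policing is applied per interface, not in global_policy).
! 256 kbit/s with an 8000-byte burst is an arbitrary illustrative value.
access-list SIP-TRAFFIC extended permit udp any any eq 5060
access-list SIP-TRAFFIC extended permit tcp any any eq 5060
class-map SIP-TRAFFIC
 match access-list SIP-TRAFFIC
policy-map SIP-POLICE
 class SIP-TRAFFIC
  police input 256000 8000
service-policy SIP-POLICE interface outside
```

Mitigations 1 and 3 are mutually exclusive (3 re-enables inspection with the filtering policy attached), and an interface can carry only one service-policy, so the policing class must be merged into any policy-map already bound to the interface rather than added as a second one. Verify the result with `show service-policy` and `show shun`.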

CVE-2018-16986

A remote code execution (RCE) vulnerability in the Texas Instruments Bluetooth Low Energy (BLE) chips CC2640 and CC2650, which are used in the Cisco Aironet and Meraki access points listed below.

When BLE is enabled on an affected device, an attacker within radio range can exploit the vulnerability by broadcasting malformed BLE frames; no authentication or pairing is required.

Affected products:

Product                                            Cisco bug ID   Fixed release
Cisco Aironet 1540 Series Outdoor Access Points    CSCvk44163     8.8.100.0
Cisco Aironet 1800i Access Points                  CSCvk44163     8.8.100.0
Cisco Aironet 1810 Access Points                   CSCvk44163     8.8.100.0
Cisco Aironet 1815i Access Points                  CSCvk44163     8.8.100.0
Cisco Aironet 1815m Access Points                  CSCvk44163     8.8.100.0
Cisco Aironet 1815w Access Points                  CSCvk44163     8.8.100.0
Cisco Aironet 4800 Access Points                   CSCvk44163     8.8.100.0
Meraki MR30H AP                                    N/A            MR 25.13 and later
Meraki MR33 AP                                     N/A            MR 25.13 and later
Meraki MR42E AP                                    N/A            MR 25.13 and later
Meraki MR53E AP                                    N/A            MR 25.13 and later
Meraki MR74 AP                                     N/A            MR 25.13 and later

Solution:

Cisco has released the software updates listed above for the affected products. Update affected devices as soon as possible; until then, keeping BLE disabled on the access points removes the attack surface.