Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Device (Firewall)  >   Cisco ASA Vendors:   Cisco
Cisco ASA Double-Free Memory Error in SSL VPN Lets Remote Users Execute Arbitrary Code on the Target System
SecurityTracker Alert ID:  1040292
SecurityTracker URL:
CVE Reference:   CVE-2018-0101   (Links to External Site)
Updated:  Feb 5 2018
Original Entry Date:  Jan 29 2018
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Cisco ASA. A remote user can execute arbitrary code on the target system.

A remote user can send specially crafted XML packets to the target webvpn-configured interface to trigger a double-free memory error in the SSL VPN function and execute arbitrary code on the target system.

Systems with the webvpn feature enabled are affected.

The following models are affected:

3000 Series Industrial Security Appliance (ISA)
5500 Series Adaptive Security Appliances
5500-X Series Next-Generation Firewalls
ASA Services Module for Catalyst 6500 Series Switches and 7600 Series Routers
1000V Cloud Firewall
Adaptive Security Virtual Appliance (ASAv)

Several Firepower series devices are also affected.

The vendor has assigned bug ID CSCvg35618 to this vulnerability.

Cedric Halbronn from the NCC Group reported this vulnerability.

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   The vendor has issued a revised fix (,,,,,,

[Editor's note: On February 5, 2018, the vendor updated their advisory to announce that additional vulnerabilities have been identified, that the original fixes in the January 29, 2018 advisory are incomplete, and that new fixed versions are available. The fixed versions listed above are the new fixed versions.]

The vendor advisory is available at:

Vendor URL: (Links to External Site)
Cause:   Access control error

Message History:   None.

 Source Message Contents

[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC