NCSC Cyber Security Advisory CSA-2018-34

Critical Cisco ASA Remote Code Execution Vulnerability - Update Detail

This is an update to the National Cyber Security Centre (NCSC) advisory CSA-2018-31, about the critical vulnerability in Cisco’s Adaptive Security Appliance (ASA) software (CVE-2018-0101). Exploitation of this vulnerability could allow a remote attacker to take control of affected systems, or perform Denial of Service against affected systems.

Cisco has identified additional attack vectors in the WebVPN feature of Cisco ASA and has released another update.

The NCSC recommends network owners and administrators review the new Cisco Security Advisory, and apply the updated patch.  

Cisco Advisory