Cisco VPN remote code execution flaw rated 'severe' - Yes, it's really that bad

This week Cisco issued an advisory regarding a security flaw in Cisco hardware devices running its Adaptive Security Appliance (ASA) software. The vulnerability is considered severe and everyone should patch now, because successful exploitation could result in remote code execution and denial of service.


The flaw is as bad as it gets: CVE-2018-0101 has the most severe Common Vulnerability Scoring System (CVSS) score possible, 10 out of 10. A CVSS score of 10 means the vulnerability can be easily exploited remotely and requires no authentication.

Ten is also the number of vulnerable products running Cisco ASA:

  • 3000 Series Industrial Security Appliance (ISA)
  • ASA 5500 Series Adaptive Security Appliances
  • ASA 5500-X Series Next-Generation Firewalls
  • ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • ASA 1000V Cloud Firewall
  • Adaptive Security Virtual Appliance (ASAv)
  • Firepower 2100 Series Security Appliance
  • Firepower 4110 Security Appliance
  • Firepower 9300 ASA Security Module
  • Firepower Threat Defense Software (FTD)
