Critical vulnerability discovered in Cisco firewalls

Please be aware that a critical vulnerability has been discovered in Cisco firewalls. We recommend that you have this patched as soon as possible. This vulnerability affects systems using webvpn that have it enabled on an interface. In other words, systems using the client VPN functionality.

The vulnerability, known as CVE-2018-0101, enables an attacker to intercept data flowing through the firewall and administrator rights. It is also possible to disrupt the existing operation and potentially run code in all affected systems. As you can see, this is an extremely critical vulnerability, which we highly recommend that you have patched. The vulnerability has been given a CVSS score of 10, which is the highest possible.

We at Netic have already performed certain emergency changes and have patched our own equipment affected by the vulnerability.

Further information from external provider:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/press-releases/2018/january/critical-security-vulnerability-found-in-business-firewalls/