Bug in Cisco’s Firewall Can Lead to Simple DoS Attack

Two of Cisco’s security software – Firepower Threat Defense (FTD) and Adaptive Security Appliance (ASA) had a common bug that an attacker could exploit without any special privilege.

This consequence shall be a Denial-of-Service, thus making the device useless to concerned users. The bug was given a high severity score, and soon Cisco patched this with an update. Security researchers and Cisco recommended users update their software to be secure.

An Improper Validation Bug

Bug in Cisco's Firewall Can Lead to Simple DoS Attack

Many businesses around the world use cisco’s security devices. From firewalls to network connectors, Cisco got everything to keep a company up and running safely. But, any inconsistencies in their software can lead to significant attacks on the client’s business.

Thus, Cisco warns users to be aware of security issues that surface regularly and patch when available. This is similar to the case of Firepower Threat Defense (FTD) and Adaptive Security Appliance (ASA) firewalls. A threat intel firm named Positive Technologies has discovered a bug in the above software of Cisco and informed the maker.

In their blog post, Positive Technologies tagged the bug (CVE-2021-34704) with a high severity score. They warned that a potential hacker doesn’t need any elevated privileges or special access to exploit it! All he needs to do is by sending a specially crafted form request, with one of their parts being of a different size than anticipated by the device.

This will cause the device to crash and run into a state of reloading or restarting. This is termed a Denial-of-Service attack, as it makes the service useless for the users. Cisco noted this as an improper input validation error when parsing the HTTPS requests.

This will cause the client’s firewall to be broken, making it vulnerable to external cyberattacks. Also, the remote employees will be unable to access the company’s internal network for working. Cisco released a patch for this bug to both the firewall software and recommended users to apply it.