Dangerous vulnerabilities in Cisco network protection and management software

Source: Heise.de added 22nd Oct 2020

Admins who use Cisco software such as Firepower Management Center or Firepower Threat Defense to protect and manage networks should update them.

The network equipment supplier lists the affected devices in its security center. The most dangerous is a CSRF vulnerability in the FXOS Software Firepower Chassis Manager. If attackers successfully exploit the vulnerability (CVE-2020-3456), they could trigger unauthorized actions using crafted requests, which are not described in detail. All a victim would have to do is click a link. The vulnerability is classified with the threat level "high".

Patch now!

Cisco also warns of attacks on a vulnerability (CVE-2020-3118) in the IOS XR software, for which security updates have been available since February 2020. The software is used, for example, on ASR 9000 Series Aggregation Services Routers. An attack involves sending Discovery Protocol messages to affected devices. If this works, malicious code could be executed with admin rights.

Various attacks possible

Adaptive Security Appliance Software, Firepower Management Center and Firepower Threat Defense are particularly susceptible to DoS attacks. Attackers could paralyze devices using crafted requests. Pass-the-hash attacks and bypassing security precautions are also conceivable.

Cisco has published security updates for the vulnerabilities. The warning notices linked below this message contain information on the affected and repaired software versions.

List sorted in descending order according to threat level:

FXOS Software Firepower Chassis Manager Cross-Site Request Forgery
Firepower Management Center Software Denial of Service
Firepower Threat Defense Software TCP Flood Denial of Service
Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service
Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service
Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service
Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service
Adaptive Security Appliance Software and Firepower Threat Defense Software IP Fragment Memory Leak
Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service
Firepower 2100 Series SSL/TLS Inspection Denial of Service
Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service
Firepower 4110 ICMP Flood Denial of Service
Firepower Threat Defense Software SNMP Denial of Service
Firepower Threat Defense Software Multi-Instance Container Escape
Firepower Management Center Software Common Access Card Authentication Bypass
Firepower Management Center Software and Firepower Threat Defense Software sftunnel Pass the Hash
Firepower Management Center Software and Firepower Threat Defense Software Directory Traversal
Firepower Threat Defense Software Inline Pair / Passive Mode Denial of Service
Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Denial of Service
Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000 / 2100 Series Appliances Secure Boot Bypass
FXOS Software for Firepower 4100 / 9300 Series Appliances Secure Boot Bypass
FXOS Software Command Injection
FXOS Software for Firepower 4100 / 9300 Series Command Injection
Adaptive Security Appliance Software Web-Based Management Interface Reflected Cross-Site Scripting
Firepower Management Center Software Cross-Site Scripting
Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting
Firepower
