Cisco ASA < 9.0(4.38) IKEv1 and IKEv2 UDP Packet Handling RCE (cisco-sa-20160210-asa-ike)
Critical Log Correlation Engine Plugin ID 801949
Synopsis
The remote device is missing a vendor-supplied security patch.
Description
The remote Cisco Adaptive Security Appliance (ASA) is missing a vendor-supplied security patch. It is, therefore, affected by a remote code execution vulnerability due to an overflow condition in the Internet Key Exchange (IKE) implementation. An unauthenticated, remote attacker can exploit this, via a specially crafted UDP packet, to cause a denial of service or the execution of arbitrary code. Note that only systems configured in routed firewall mode and single / multiple context mode are affected.
Solution
Upgrade to the relevant fixed version referenced in Cisco Security Advisory cisco-sa-20160210-asa-ike.