Cisco firewalls under attack – and there's no patch: Too many SIPs and they drown in data

Cisco says miscreants are actively exploiting a SIP vulnerability in its networking gear that it disclosed on Wednesday. The bug, CVE-2018-15454, lies within code in some Adaptive Security Appliances, and its Firepower Threat Defense software, that handles Session Initiation Protocol (SIP) packets. SIP is the signalling …

  1. Anonymous Coward

    Miscreants actively exploiting a SIP vulnerability

    A security device itself vulnerable to attack. I would have thought a company with an annual revenue of US$49.3 billion would have picked this up in the development and testing phase. Does Cisco actually have a department charged with such a vital task?

    1. Christian Berger Silver badge

      It's a common theme

      Usually adding more complexity to a problem makes it less secure. That's why most common "security in a box" solutions had their own vulnerabilities. One prominent example was Microsoft, which executed Visual Basic in a virtual machine running at "system" privileges in order to find out if said program was malevolent. It's also common for AV systems to choke while processing obscure archive formats.

    2. Anonymous Coward

      Re: Miscreants actively exploiting a SIP vulnerability

      Considering how limited the SIP inspection on Cisco ASA firewalls is (there is a list of unsupported SIP features), that most SIP implementations over the Internet should now use SIP over TLS (when the ASA doesn't support TLS/SSL decryption), and that although SIP inspection is enabled by default, the likelihood of someone having it enabled, with ACLs that allow access to SIP, and not having hit issues that cause it to be disabled is pretty small, i.e. approaching zero in the real world.

      All the money in the world doesn't fix something that is so broken that Cisco TAC advises that it be turned off...
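For readers who want to see what "turned off" looks like in practice, here is an added configuration example (not from the article or from this commenter) showing the ASA default, where SIP inspection is part of the global service policy, beside the same policy with SIP inspection removed. It assumes the device still uses the default policy names `global_policy` and `inspection_default`; on a box with custom policy names the same `no inspect sip` line goes in whichever class applies SIP inspection.

```text
! Added example, not from the page. Default ASA global policy: SIP
! inspection is applied to traffic on every interface out of the box.
policy-map global_policy
 class inspection_default
  inspect sip
!
! Same policy with SIP inspection disabled, the "turn it off" workaround
! the comment above refers to. Only the inspect line changes.
policy-map global_policy
 class inspection_default
  no inspect sip
!
! Afterwards, confirm no SIP inspection is still active on the policy
! (assumes the default policy name above).
show service-policy inspect sip
```

Disabling the inspection removes the SIP-aware NAT/pinhole handling, so any SIP flows that relied on it need an explicit ACL review afterwards.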

