Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability (CVE-2018-0101)

A vulnerability in the SSL VPN functionality of ASA software could allow unauthenticated remote reloads or remote code execution. The vulnerability is tied to the webvpn feature attempting to free a region of memory multiple times, causing an overflow. An attacker could send crafted XML packets and execute arbitrary code to take control of the system.

View Fullscreen

Signup for Vulnerability Reports