Cisco Firewall Vulnerability
Date of Notice: 4/28/2021
Action Level - Critical
Description: Cisco Firewall Vulnerability (due to Cisco and ASA presence in our customer environment)
MCNC wants to bring to your attention a number of new vulnerabilities affecting Cisco firewalls. These vulnerabilities could allow someone to force reboot the devices and in one case (CVE-2021-1448, affecting FTD devices running in multi-instance mode) potentially allow malicious code to be run on the device.
Cisco recommends checking to see if your device is running vulnerable software, and if so making plans to update at your earliest convenience. If you have an FTD and are currently running in multi-instance mode, we recommend taking immediate action.
The full advisory list can be found here, and all relevant advisory pages (example here) include a table to see if your current software is affected as well as the first fixed release for all of these vulnerabilities.