Date of Notice: 6/25/2021
Action Level - Critical
Description ASA Vulnerability (due to Cisco and ASA presence in our customer environment)
MCNC wants to update you on vulnerabilities affecting Cisco firewalls. Previously we communicated on April 28th about these vulnerabilities; however, these vulnerabilities are now being actively exploited.
These vulnerabilities could allow someone to force reboot the devices and in one case (CVE-2021-1448, affecting FTD devices running in multi-instance mode) potentially allow malicious code to be run on the device.
Cisco recommends checking to see if your device is running vulnerable software, and if so making plans to update at your earliest convenience. If you have an FTD and are currently running in multi-instance mode, we recommend taking immediate action.
The full advisory list can be found here, and all relevant advisory pages (example here) include a table to see if your current software is affected as well as the first fixed release for all of these vulnerabilities.