Cisco is warning customers using its Adaptive Security Appliance (ASA) software about a VPN bug that could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code” and “allow an attacker to take full control of the system.”
Because the bug, known as DVE-2018-0101 is easy to use and has a big impact, it has been given a Common Vulnerability Score System score of 10 out of 10.
For you security types, go to Cisco’s advisory to get the technical details, although as of yesterday, the first fix may not have been sufficient.
For those of you who are not security types, get your security types to give you an update on whether this bug impacts your organization and how your organization is mitigating its effect.