Alec Stuart-Muirk

**Name of the Vulnerable Software and Affected Versions** Cisco Adaptive Security Appliance (ASA) Software versions 9.1 through 9.1(5) Cisco Adaptive Security Appliance (ASA) Software versions 9.2 through 9.2(3.2) Cisco Adaptive Security Appliance (ASA) Software versions 9.3 through 9.3(2) **Description** The failover ipsec implementation in Cisco Adaptive Security Appliance (ASA) Software does not properly validate failover communication messages. This allows remote attackers to reconfigure an ASA device and obtain administrative control by sending crafted UDP packets over the local network to the failover interface. **Recommendations** For versions 9.1 through 9.1(5), update to version 9.1(6) or later. For versions 9.2 through 9.2(3.2), update to version 9.2(3.3) or later. For versions 9.3 through 9.3(2), update to version 9.3(3) or later.