Eric Wustrow

**Name of the Vulnerable Software and Affected Versions** Cisco Adaptive Security Appliance (ASA) Software versions 9.16.1 and later Cisco Firepower Threat Defense (FTD) Software versions 7.0.0 and later **Description** A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography. An attacker could exploit this vulnerability by using a Lenstra side-channel attack against the targeted device. Approximately 5 percent of the RSA keys on a device that is running a vulnerable release of Cisco ASA Software or Cisco FTD Software are expected to be affected. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic. **Recommendations** For Cisco Adaptive Security Appliance (ASA) Software versions 9.16.1 and later, administrators may need to remove improperly formed or vulnerable RSA keys and likely revoke any certificates associated with these keys. For Cisco Firepower Threat Defense (FTD) Software versions 7.0.0 and later, administrators may need to remove improperly formed or vulnerable RSA keys and likely revoke any certificates associated with these keys. As a temporary workaround, consider disabling the use of RSA keys on affected devices until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Moxa OnCell Gateway versions prior to 1.4 **Description** The issue is related to insufficient entropy for SSH and SSL keys, making it easier for remote attackers to gain access by leveraging knowledge of a key from another product installation. **Recommendations** For versions prior to 1.4, update the firmware to version 1.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Innominate mGuard Smart HW versions before HW-101130 Innominate mGuard BD versions before BD-101030 Innominate mGuard industrial RS (affected versions not specified) Innominate mGuard delta HW versions before HW-103060 Innominate mGuard delta BD versions before BD-211010 Innominate mGuard PCI (affected versions not specified) Innominate mGuard blade (affected versions not specified) Innominate EAGLE mGuard appliances with software versions prior to 7.5.0 **Description** The issue is related to insufficient entropy for private keys, making it easier for man-in-the-middle attackers to spoof HTTPS or SSH servers by predicting a key value. **Recommendations** For Innominate mGuard Smart HW versions before HW-101130, update to a version after HW-101130. For Innominate mGuard BD versions before BD-101030, update to a version after BD-101030. For Innominate mGuard industrial RS, Innominate mGuard PCI, and Innominate mGuard blade, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Innominate mGuard delta HW versions before HW-103060, update to a version after HW-103060. For Innominate mGuard delta BD versions before BD-211010, update to a version after BD-211010. For Innominate EAGLE mGuard appliances with software versions prior to 7.5.0, update to software version 7.5.0 or later.