Cisco patches two critical vulnerabilities that could lead to DoS attacks

  • The flaws are tracked as CVE-2019-1721 and CVE-2019-1694.
  • The flaws impact Cisco’s TelePresence Video Communication Server and ASA 5500-X Series Firewalls.

Cisco has released security patches for two high-severity flaws that can allow attackers to launch Denial of Service (DoS) attacks. The flaws are tracked as CVE-2019-1721 and CVE-2019-1694 and affect Cisco’s TelePresence Video Communication Server and ASA 5500-X Series Firewalls.

What are the vulnerabilities?

CVE-2019-1721 is the vulnerability with the widest likely impact. It is a flaw in the phone-book feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server. The flaw could allow an unauthenticated remote attacker to drive CPU usage to 100 percent, causing a DoS condition on an affected system.

The bug is related to improper handling of XML input by affected devices.

“An attacker could exploit this vulnerability by sending a Session Initiation Protocol (SIP) message with a crafted XML payload to an affected device. A successful exploit could allow the attacker to exhaust CPU resources, resulting in a DoS condition. Manual intervention may be required to recover the device,” the security bulletin read.

CVE-2019-1694 is the second critical flaw. It exists in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) software and Cisco Firepower Threat Defense (FTD) software.

The vulnerability is due to improper handling of TCP traffic.

“An attacker who is using a TCP protocol that is configured for inspection could exploit this vulnerability by sending a specific sequence of packets at a high rate through an affected device,” Cisco stated in its bulletin.

The bottom line

Cisco has released software updates to address both vulnerabilities. It has also addressed several other medium-severity flaws found across its products.