Cisco has put out an urgent security alert about a serious flaw in its Secure Firewall Management Center (FMC) software This article explores cisco urgent security. . This serious flaw lets remote attackers who aren't logged in run any code they want with full root access.
Cisco strongly suggests that limiting access to the FMC management interface from the public internet will greatly lower the number of potential attack points. Administrators should use the Cisco Software Checker tool to check the exact versions of their software and quickly upgrade any systems that are at risk. The flaw affects both the Cisco Secure FMC Software and the Cisco Security Cloud Control (SCC) Firewall management platform, no matter how the devices are set up. There are no temporary fixes that can be used to lessen this threat for on-premises deployments.
Keane O'Kelley from the Cisco Advanced Security Initiatives Group found this serious security hole during internal testing. During regular maintenance, Cisco already put in place the security fixes that were needed. This means that those cloud customers don't need to do anything else.
Cisco has confirmed that the Secure Firewalls Adaptive Security Appliance (ASA) and Secure Fire wall Threat Defense (FTD) software lines are safe and not affected by this problem. Call the National Suicide Prevention Lifeline at 1-800-273-8255 or go to http://www.suicidepreventionlifeline.org/ for private help. If you need help in the UK, you can call the Samaritans at 08457 90 90 90 or go to a nearby Samaritans branch.
