Monday, May 5, 2025
HomeCyber Security NewsHackers Exploit Cisco Zero Day Vulnerability in Wild Resulting in DoS Condition

Hackers Exploit Cisco Zero Day Vulnerability in Wild Resulting in DoS Condition

Published on

SIEM as a Service

Follow Us on Google News

A critical vulnerability in Session Initiation Protocol (SIP) of Cisco ASA and FTD software that allows an unauthenticated remote attacker to crash and reload the device. The vulnerability occurs due to the improper handling of SIP traffic.

A remote attacker could exploit the Cisco Zero Day vulnerability by sending a crafted SIP request that would trigger high CPU usage or reload the device results in DoS condition.

Cisco says the security update to address the vulnerability is not yet available and at the time there is no workaround for this vulnerability, reads Cisco advisory.

- Advertisement - Google News

Affected Products – Cisco Zero Day

The vulnerability affects Cisco ASA Software Release 9.4 and later and Cisco FTD Software Release 6.0 and later if SIP inspection is enabled.

3000 Series Industrial Security Appliance (ISA)
ASA 5500-X Series Next-Generation Firewalls
ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
Adaptive Security Virtual Appliance (ASAv)
Firepower 2100 Series Security Appliance
Firepower 4100 Series Security Appliance
Firepower 9300 ASA Security Module
FTD Virtual (FTDv)

The Indication of the Device in Attack

If any vulnerable device actively exploited by attackers, the administrators can see a large number of incomplete SIP connections over conn port 5060 and the output of show processes CPU-usage non-zero sorted will show a high CPU utilization.

Successful exploitation on the device leads device crashing and reloading, Cisco to free software updates that address the vulnerability described in this advisory.

The vulnerability can be tracked as CVE-2018-15454 and it receives the Base score 8.6.

Related Read

Cisco Releases Security Updates that Covers 16 Vulnerabilities that had Critical and High Impact

Cisco Released Security Updates for Multiple Vulnerabilities that Affected Cisco Products

Cisco Released Critical Security Updates for Vulnerabilities that Affected Cisco Products

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Hackers Exploit Email Fields to Launch XSS and SSRF Attacks

Cybersecurity researchers are raising alarms as hackers increasingly weaponize email input fields to execute cross-site...

Luna Moth Hackers Use Fake Helpdesk Domains to Target Victims

A recent investigation by cybersecurity firm EclecticIQ, in collaboration with threat hunters, has exposed...

SonicBoom Attack Chain Lets Hackers Bypass Login and Gain Admin Control

Cybersecurity researchers have uncovered a dangerous new exploitation technique, dubbed the "SonicBoom Attack Chain,"...

Researcher Uses Copilot with WinDbg to Simplify Windows Crash Dump Analysis

A researcher has unveiled a novel integration between AI-powered Copilot and Microsoft's WinDbg, dramatically...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Hackers Exploit Email Fields to Launch XSS and SSRF Attacks

Cybersecurity researchers are raising alarms as hackers increasingly weaponize email input fields to execute cross-site...

Luna Moth Hackers Use Fake Helpdesk Domains to Target Victims

A recent investigation by cybersecurity firm EclecticIQ, in collaboration with threat hunters, has exposed...

SonicBoom Attack Chain Lets Hackers Bypass Login and Gain Admin Control

Cybersecurity researchers have uncovered a dangerous new exploitation technique, dubbed the "SonicBoom Attack Chain,"...