Security gears of Fortinet and Cisco exploit made public after a claimed hack of NSA malware. Fixes to address the exploits have been issued by both the companies after they determined the exploit possess real threats to their products. Which include Fortinet’s signature Fortinet firewalls and Cisco’s PIX and ASA firewalls.
The Shadow Brokers actually had the malware from NSA that it claimed it hacked from them is actually in its possession proved the exploit post. Fortinet’s lone security advisory is fresh while Cisco has already patched one exploits before as soon as it knew about it and the second one the company just learned about.
Due to the reason that this vulnerability can be exploited remotely on the affected device Cisco rated it high. Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA 1000V Cloud Firewall, Cisco ASA 5500 Series Adaptive Security Appliances, Cisco PIX Firewalls, Cisco Firewall Services Module (FWSM) and Cisco Firepower 9300 ASA Security Module are a few Cisco devices exploited.
Fortinet marked high the Cookie Parser Buffer Overflow Vulnerability as this can grant remote administrative access. Certain Fortinet’s firmware like FOS 4.2.12 and below, FOS 4.3.8 and below and FOS 4.1.10 and below called FOS released before August 2012 are affected.