Cisco Firepower System Software Detection Engine Malware and File Policies for RTF and RAR file types Improper Input Validation Protection Mechanism Failure Vulnerability
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types.
The information has been provided by Yaser Mansour.
The original article can be found at: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass
The vulnerabilities are not dependent on one another; exploitation of one of the vulnerabilities is not required to exploit the other. In addition, a software release that is affected by one of the vulnerabilities may not be affected by the other.
3000 Series Industrial Security Appliances (ISAs)
Adaptive Security Appliance (ASA) 5500-X Series Firewalls
ASA 5500-X Series with FirePOWER Services
Advanced Malware Protection (AMP) for Networks for FirePOWER 7000 Series Appliances
AMP for Networks for FirePOWER 8000 Series Appliances
Firepower 2100 Series
Firepower 4100 Series
Firepower 1000 Series Appliances
FirePOWER 7000 Series Appliances
FirePOWER 8000 Series Appliances
Firepower 9300 Security Appliances
Firepower Threat Defense for Integrated Services Routers (ISRs)
FTD Virtual (FTDv)
Next-Generation Intrusion Prevention System (NGIPS)