The enterprise firewall devices running Cisco’s Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC) software are affected by 33 high- and medium-severity vulnerabilities, according to a report this week from Cisco.
The most serious security flaw is CVE-2022-20927, a flaw in ASA and FTD software’s dynamic access policies (DAP) capability that lets a remote, unauthenticated attacker set up a denial-of-service (DoS) event. Memory handling mistakes that occurred while processing GRE traffic are the cause of the problem.