If you have a Cisco firewall, haven't upgraded since February 7th, 2016, and have any crypto on the outside interfaces, then you are vulnerable.
Cisco has published a CRITICAL vulnerability in its Cisco ASA firewalls. The vulnerability affects any ASA with a VPN set up on it. The fix is to upgrade to the latest firmware, 9.1.7.
This vulnerability directly impacts many of you! Please read the following Cisco Security Advisory:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike
Hackers are using this attack now that it has been published:
https://isc.sans.edu/diary/Critical+Cisco+ASA+IKEv1v2+Vulnerability.+Active+Scanning+Detected/20719
Each upgrade will take time, as the automated upgrades typically break the VPNs.
Again, to fix this vulnerability, upgrade to the latest patch firmware, 9.1.7. If you need assistance, email PEI at info@pei.com or call (303) 823-4321.
Jason Howe, PEI
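
The exposure condition described in this post (a release older than the fix, plus crypto bound to an interface) can be checked offline against a saved running-config. The Python below is an added example, not part of the original post or any Cisco tooling; the helper name `audit`, the status strings and the sample configs are constructed for illustration, and it treats 9.1(7) as the fixed release for the 9.1 train only, as the post states.

```python
import re

# Assumption from the post: 9.1(7) is the fixed release (9.1 train only).
FIXED_9_1 = (9, 1, 7)

VERSION_RE = re.compile(r"^ASA Version (\d+)\.(\d+)\((\d+)\)", re.M)
# Running-config lines that bind IKE/IPsec to a named interface.
CRYPTO_RE = re.compile(
    r"^crypto (?:map \S+ interface|ikev1 enable|ikev2 enable|isakmp enable) (\S+)",
    re.M,
)

def audit(config: str) -> dict:
    """Classify a saved ASA running-config (hypothetical helper)."""
    m = VERSION_RE.search(config)
    version = tuple(int(x) for x in m.groups()) if m else None
    ifaces = sorted(set(CRYPTO_RE.findall(config)))
    if version is None:
        status = "unknown-version"
    elif not ifaces:
        status = "no-crypto-interface"
    elif version[:2] != (9, 1):
        status = "check-advisory"  # other trains: look up the fixed release
    elif version < FIXED_9_1:
        status = "upgrade-required"
    else:
        status = "patched"
    return {"version": version, "crypto_interfaces": ifaces, "status": status}

# Constructed sample configs, not taken from any real device.
SAMPLE_OLD = """: Saved
ASA Version 9.1(6)
hostname fw-example
crypto map outside_map 10 match address vpn_acl
crypto map outside_map interface outside
crypto ikev1 enable outside
"""
SAMPLE_NEW = SAMPLE_OLD.replace("9.1(6)", "9.1(7)4")

if __name__ == "__main__":
    for name, cfg in (("old", SAMPLE_OLD), ("new", SAMPLE_NEW)):
        print(name, audit(cfg))
```

A `check-advisory` result means the device runs a train other than 9.1, so the fixed release has to be looked up in the Cisco advisory linked above.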