Headline
CVE-2023-20107: Cisco Security Advisory: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability
A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG), in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco ASA 5506-X, ASA 5508-X, and ASA 5516-X Firewalls could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device. This vulnerability is due to insufficient entropy in the DRBG for the affected hardware platforms when generating cryptographic keys. An attacker could exploit this vulnerability by generating a large number of cryptographic keys on an affected device and looking for collisions with target devices. A successful exploit could allow the attacker to impersonate an affected target device or to decrypt traffic secured by an affected key that is sent to or from an affected target device.
At the time of publication, this vulnerability affected the following Cisco products if they were running a Cisco ASA Software release earlier than Release 9.12.11 or a Cisco FTD Software release earlier than Release 6.4.01 and had features that use ECDSA or RSA keys enabled:
- ASA 5506-X Security Appliances
- ASA 5506H-X Security Appliances
- ASA 5506W-X Security Appliances
- ASA 5508-X Security Appliances
- ASA 5516-X Security Appliances
1. Enhancements to the entropy source in the DRBG that were put in place as result of following the robust Cisco secure development lifecycle (SDL) process prevent this issue from happening in Cisco ASA Software Releases 9.12.1 and later and Cisco FTD Software Releases 6.4.0 and later.
Note: Devices that are running a fixed release of Cisco ASA Software or Cisco FTD Software may also be affected by this vulnerability if they are configured with an ECDSA or RSA key pair that has been generated while running an affected release. If there is doubt, Cisco recommends regenerating all ECDSA and RSA key pairs that are configured on the device.
For information about which Cisco software releases are vulnerable, see the Fixed Software section of this advisory.
ASA Software
In the following table, the left column lists the most common Cisco ASA features that are potentially vulnerable. The right column indicates the basic configuration for the feature from the show running-config CLI command, if it can be determined.
Cisco ASA Feature
Possible Vulnerable Configuration
Adaptive Security Device Manager (ASDM)1
http server enable
http
AnyConnect SSL VPN
webvpn
enable
Cisco Security Manager1
http server enable
http
Clientless SSL VPN (WebVPN)
webvpn
enable
IKEv1 VPN (Remote Access and LAN-to-LAN)
using Certificate-based Authentication
crypto ikev1 enable
crypto ikev1 policy
authentication rsa-sig
tunnel-group ipsec-attributes
trust-point
IKEv2 VPN (Remote Access and LAN-to-LAN)
using Certificate-based Authentication
crypto ikev2 enable
tunnel-group ipsec-attributes
ikev2 remote-authentication certificate
ikev2 local-authentication certificate
Local Certificate Authority (CA)
crypto ca server
no shutdown
Mobile Device Manager (MDM) Proxy
mdm-proxy
enable
Mobile User Security (MUS)
webvpn
mus password
mus server enable port
mus
Proxy Bypass
webvpn
proxy-bypass
REST API1
rest-api image disk0:/
rest-api agent
SSH Access2,3
ssh
1. ASDM, CSM, and REST API services are accessible only from an IP address in the configured http command range.
2. SSH service is accessible only from an IP address in the configured ssh command range.
3. There is no workaround that addresses this vulnerability for SSH access.
FTD Software
In the following table, the left column lists the most common Cisco FTD features that are potentially vulnerable. The right column indicates the basic configuration for the feature from the show running-config CLI command, if it can be determined.
Cisco FTD Feature
Possible Vulnerable Configuration
AnyConnect SSL VPN1,2
webvpn
enable
Clientless SSL VPN (WebVPN)2
webvpn
enable
HTTP Service enabled3,4
http server enable
http
IKEv1 VPN (Remote Access and LAN-to-LAN)
using Certificate-based Authentication1,2
crypto ikev1 enable
crypto ikev1 policy
authentication rsa-sig
tunnel-group ipsec-attributes
trust-point
IKEv2 VPN (Remote Access and LAN-to-LAN)
using Certificate-based Authentication1,2
crypto ikev2 enable
tunnel-group ipsec-attributes
ikev2 remote-authentication certificate
ikev2 local-authentication certificate
SSH Service5,6
ssh
1. Remote Access VPN features are enabled by choosing Devices > VPN > Remote Access in the Cisco FMC or Device > Remote Access VPN in Cisco Firepower Device Manager (FDM).
2. The Clientless SSL VPN feature is not officially supported but can be enabled through FlexConfig.
3. The HTTP feature is enabled by choosing Firepower Threat Defense Platform Settings > HTTP in the Cisco Firepower Management Console (FMC).
4. HTTP service is accessible only from an IP address in the configured http command range.
5. SSH is accessible only from an IP address in the configured ssh command range.
6. There is no workaround that addresses this vulnerability for SSH access.
Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability.
Cisco has confirmed that this vulnerability does not affect Cisco ASA Software or FTD Software running on the following platforms:
- 3000 Series Industrial Security Appliances (ISAs)
- ASA 5525-X, 5545-X, 5555-X, and 5585-X Security Appliances
- ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
- Adaptive Security Virtual Appliances (ASAv)
- Firepower 2100 Series
- Firepower 4100 Series
- Firepower 9300 Series
- Firepower Threat Defense Virtual (FTDv/NGFWv)
- Secure Firewall 3100 Series