Jeremy Kirk at Databreach just wrote about a serious vulnerability found on nearly all of Cisco’s IOS devices (Including ASA’s). The vulnerability named Thangrycat requires a good amount of effort to patch the affected hardware, although at the moment, its saving grace is that the attach requires the “local attacker” to be authenticated in order to write a modified firmware image to the component.
Not all gloom and doom, but a significant find!