EXTRABACON is a zero day remote code execution exploit for Cisco Adaptive Security Appliance (ASA) devices. It leverages an SNMP overflow and relies on knowing the target's uptime and software version. Versions affected include 802, 803, 804, 805, 821, 822, 823, 824, 825, 831, 832, 841, 842, 843, 844. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. Cisco is providing mitigations as a patch currently does not exist. Continue reading...
