Cisco has found another zero-day exploit, dubbed “Benigncertain,” which targets PIX firewalls. Neither Cisco has developed a patch for the flaw, nor any workarounds are available. Cisco promised to release software updates to patch CVE-2016-6415 but did not specify a time frame. The company said the vulnerability is currently under exploit, advising its customers to employ intrusion detection system (IDS) and intrusion prevention systems (IPS) to help stop the attacks. Cisco’s IOS operating system XR versions 4.3.0.x, 5.1.x.
Source: https://thehackernews.com/2016/09/cisco-nsa-exploit.html