Cisco announced a sudden increase, as the holiday season starts, in attempts to exploit a vulnerability identified in 2018 (CVE-2018-0296). The vulnerability covers: (a) denial of service; (b) information disclosure via directory traversal.
CAUSE (Reported so far): Improper input validation of the HTTP URL.
IMPACT (Reported so far): (a) Firewall reboot, which can mean that the firewall is practically absent while it is reloading; (b) Unauthorized disclosure of information.
OBJECTIVE (Anticipated): (a) Diverting attention in order to execute another attack; (b) Disclosed information may be used to execute the next step of a larger objective.
MITIGATION: (a) Run a non-affected version, i.e. apply the updates Cisco released to address the vulnerability; (b) The Snort signature to detect this attack is 46897.
The CVSS score for this vulnerability is 8.6 (7.0-8.9 is considered HIGH risk and 9.0-10.0 is considered CRITICAL).