In the boot sequence a boot loader called ROMMON (ROM monitor) starts, loads a Linux kernel, which then loads the lina_monitor, which then loads lina. This schedules processes internally rather than using the Linux facilities. It runs a single Executable and Linkable Format program called lina. A code insertion implant called BANANAGLEE, was made persistent by JETPLOW. In 2017 The Shadow Brokers revealed the existence of two privilege escalation exploits against the ASA called EPICBANANA and EXTRABACON. Īnother flaw in a WebVPN feature was fixed in 2018.
Ī security flaw was identified when users customized the Clientless SSL VPN option of their ASA's but was rectified in 2015. Early reviews indicated the Cisco GUI tools for managing the device were lacking. Cisco ASA has become one of the most widely used firewall/VPN solutions for small to medium businesses.
