CVE-2016-6366
Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability
Confirmed exploited in the wild. Added 2022-05-24.
Federal remediation due 2022-06-14.
Required action: Apply updates per vendor instructions.
Summary
Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON.
CVSS 3.1 breakdown
| Base score | 8.8 (HIGH) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity | HIGH |
| Availability | HIGH |
Weakness type (CWE)
Affected products
References
- http://blogs.cisco.com/security/shadow-brokers
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp
- http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516
- http://www.securityfocus.com/bid/92521
- http://www.securitytracker.com/id/1036637
- https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40258.zip
- https://www.exploit-db.com/exploits/40258/
- https://zerosum0x0.blogspot.com/2016/09/reverse-engineering-cisco-asa-for.html
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-6366
Data: NIST NVD + CISA KEV. NVD last modified 2026-04-22. Always verify against the vendor advisory before acting.