So I have an ASA5506 running ASA220.127.116.11 . I know that it has vulnerabilities and would like to update to 18.104.22.168. But I dont have a contract - For this download my cisco login says "Additional Entitlement Required" - So how ca I patch this unit to protect my network please?
Actually, if there's a published security advisory you may be eligible to get the patched software free of charge and without having a contract from Cisco.
You should call the TAC and have the security advisory number on hand to cite. They may give you some push back but stick to your rights and cite the language in the PSIRT. For example:
"Cisco has released free software updates that address the vulnerability described in this advisory. "