
Clarification on required patches for CVE-2022-20715 and ASA with FTD



I am reviewing the details for the CVE-2022-20715 notice, at:

We are using an ASA with Firepower Services, v6.7.0.3. About 3/4 of the way down the page, on the table for FTD software, this is listed:

Cisco FTD Software Release:

First Fixed Release for This Vulnerability:

First Fixed Release for All Vulnerabilities Described in the Bundle of Advisories:
Migrate to a fixed release.

I'm not clear on what exactly I need to patch with. Do I need to apply all four of the packages listed under the second column? And for 'first fixed release for all vuln described in the bundle...' is that indicating that we need to upgrade to a later release to address other vulnerabilities besides those addressed in this advisory?


Accepted Solutions

@MauryJ if you are running ASA with Firepower then you'd want to upgrade the FPR module, the latest is 7.0.4 - there doesn't appear to be for FPR module.

The images you provided in the first post are for the FTD image, which is different to the FPR module, which also uses the ASA image.


Rob Ingram
VIP Expert

@MauryJ those packages are for different hardware.

Firepower 1000 series: Cisco_FTD_SSP_FP1K_Hotfix_AA-

Firepower 2100 series: Cisco_FTD_SSP_FP2K_Hotfix_AA-

Firepower 4100/9300: Cisco_FTD_SSP_Hotfix_AA-

ASA 5500-X series and ISA 3000: Cisco_FTD_Hotfix_AA-

FTDv: Cisco_FTD_Hotfix_AA-

What hardware are you running? Are you sure your hardware even supports 6.7?

@Rob Ingram Thanks Rob-

We are using an ASA-5516X with Firepower Services, and it is running currently. Last I checked, it could go up to at least 7.0.