CVE-2021-34793: 
Cisco Adaptive Security Appliance (ASA) vulnerability analysis and mitigation

CVE-2021-34793 is a vulnerability discovered in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode. The vulnerability was first published on October 27, 2021, and affects Cisco ASA Software and FTD Software when running in transparent firewall mode (Cisco Advisory).

The vulnerability stems from incorrect handling of certain TCP segments when the affected device is operating in transparent mode. It has been assigned a CVSS base score of 8.6 (High severity) with the following vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:X/RL:X/RC:X. The vulnerability is tracked under CWE-924 (Cisco Advisory).

A successful exploitation of this vulnerability could allow an unauthenticated, remote attacker to poison MAC address tables in adjacent devices, resulting in network disruption and denial of service (DoS) condition (Cisco Advisory).

Cisco has released software updates that address this vulnerability. There are no workarounds available. For ASA Software, fixed versions include 9.8.4.40, 9.12.4.24, 9.14.2.15, and 9.15.1.15. For FTD Software, fixed versions include 6.4.0.13, 6.6.5, and 6.7.0.2. Users of earlier versions are advised to migrate to a supported release that includes the fix (Cisco Advisory).