Exodus Intelligence have released the proof of concept code on their GitHub page

On February, 10 2016 a vulnerability related to the Internet Key Exchange (IKE) protocol implementation of Cisco devices (CVE-2016–1287) was ufficially released.

Yesterday, the researchers who found this bug, Exodus Intel, have released the proof of concept code on their GitHub page.


Affected Products

  • Cisco ASA 5500 Series Adaptive Security Appliances
  • Cisco ASA 5500-X Series Next-Generation Firewalls
  • Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • Cisco ASA 1000V Cloud Firewall
  • Cisco Adaptive Security Virtual Appliance (ASAv)
  • Cisco Firepower 9300 ASA Security Module
  • Cisco ISA 3000 Industrial Security Appliance

Cisco has already released a software updates that address the vulnerability.


The POC

[embed]https://gist.github.com/andreafortuna/657ed351b1231bfa43ffe8a603c3fb95[/embed]


Links and resources