Unrated severityNVD Advisory· Published Aug 9, 2010· Updated Apr 29, 2026

CVE-2010-1581

Description

Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtd32627.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Crafted TLS packets cause denial of service (device reload) on Cisco ASA and PIX devices running specific software versions.

Vulnerability

The vulnerability resides in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series and PIX Security Appliances 500 series devices. Affected software versions include ASA 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6). The bug is triggered by a sequence of crafted TLS packets, as identified by Bug ID CSCtd32627 [1].

Exploitation

An attacker can exploit this vulnerability by sending a sequence of crafted TLS packets to the affected device over the network. No authentication or prior access is required; the attacker only needs network connectivity to a TLS-enabled interface on the device. The exact packet sequence is not publicly detailed but reliably causes a device reload [1].

Impact

Successful exploitation results in a denial of service (DoS) condition, causing the device to reload and temporarily lose all network services. The impact is limited to availability; there is no evidence of data disclosure, privilege escalation, or remote code execution [1].

Mitigation

Cisco has released fixed software versions to address this vulnerability: 7.2(5), 8.0(5.15), 8.1(2.44), 8.2(2.17), and 8.3(1.6). Users should upgrade to these or later versions. No workarounds are documented. This vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog [1].

References

Cisco Products: Networking, Security, Data Center

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Cisco Systems, Inc./Cisco Adaptive Security Appliance27 versions
cpe:2.3:o:cisco:adaptive_security_appliance:7.2\(3\):*:*:*:*:*:*:*+ 26 more
- cpe:2.3:o:cisco:adaptive_security_appliance:7.2\(3\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:7.2\(4\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:7.2\(5\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.0\(2\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.0\(3\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.0\(4\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.0\(5\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.1\(1\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.1\(2\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.2\(1\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.2\(2\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.3:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(1\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(1.22\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.10\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.14\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.15\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.16\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.17\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.19\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.48\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.5\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.7\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\(2.8\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*
Cisco Systems, Inc./PIX Security Appliance 500 Seriesllm-create
Cisco Systems, Inc./5500 Series Adaptive Security Appliancellm-fuzzy
Range: 7.2 < 7.2(5), 8.0 < 8.0(5.15), 8.1 < 8.1(2.44), 8.2 < 8.2(2.17), 8.3 < 8.3(1.6)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtmlnvdPatchVendor Advisory
secunia.com/advisories/40842nvdVendor Advisory
www.securityfocus.com/bid/42187nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000