THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Affected Product Name | Description | Comments |
---|---|---|
ASA5506-FTD-K9 | ^^^ASA 5506-X with Firepower Threat Defense, 8GE, AC | |
ASA5506-K8 | ASA 5506-X with FirePOWER services, 8GE, AC, DES | |
ASA5506-K9 | ASA 5506-X with FirePOWER services, 8GE, AC, 3DES/AES | |
ASA5508-FTD-K9 | ^ASA 5508-X with Firepower Threat Defense, 8GE, AC | |
ASA5508-K8 | ^ASA 5508-X with FirePOWER services, 8GE, AC, DES | |
ASA5508-K9 | ^ASA 5508-X with FirePOWER services, 8GE, AC, 3DES/AES | |
ASA5516-FPWR-K8 | ^ASA 5516-X with FirePOWER services, 8GE, AC, DES | |
ASA5516-FPWR-K9 | ^ASA 5516-X with FirePOWER services, 8GE, AC, 3DES/AES | |
ASA5516-FTD-K9 | ^ASA 5516-X with Firepower Threat Defense, 8GE, AC |
Defect ID | Headline |
CSCvu51528 | ASA5506/5508/5516 Rework Process Issue |
Some Adaptive Security Appliances (ASAs) provided as Return Material Authorization (RMA) replacements might fail in operation due to a rework process error that resulted in the omission of a proactive fix.
Due to a rework process error, some ASA5506, ASA5508, and ASA5516 security appliances that were provided as RMA replacements might be missing a proactive fix. The affected RMA replacements were shipped from spare depots to customers between April 2018 and July 2019. Manufacturing new units that shipped from spare depots or shipped by direct order fulfillment are not affected by this issue.
Affected security appliances will function normally on installation, but product failures are expected to increase over time. After the security appliance has failed, the unit will no longer function, will not boot, and is not recoverable.
The security appliance no longer functions and the system fails to boot. There will be no output from the console port.
In addition, the LED status indicators on the security appliance illuminate as follows:
Customers with affected products (see the How to Identify Affected Products section) should contact the Cisco Technical Assistance Center (TAC) to request a replacement unit. A valid Cisco support contract is required to open a TAC Service Request.
For customers who request replacements, note that the license activation key is tied to the ASA chassis serial number. Contact the Cisco Licensing Team in order to have your current license transferred to the replacement chassis serial number. The Cisco Licensing Team will ask for the Product Authorization Key reference number and current serial number. For more information about ASA licensing, see Cisco ASA Series General Operations CLI Configuration Guide, 9.6.
In order to determine whether your product might be affected by this issue, examine the chassis serial number of the security appliance.
The chassis serial number can be obtained from the CLI or through visual inspection of the security appliance. For units that have already failed due to this issue, a visual inspection of the security appliance or review of the Sales Order documentation is required.
CLI
Enter the show inventory command to obtain the chassis serial number (SN) of the appliance:
asa> show inventory
Name: "Chassis", DESCR: "ASA 5508-X with FirePOWER services, 8GE, AC, DES"
PID: ASA5508 , VID: V01 , SN: JMX1234ABCD
Note: In order to avoid Cisco bug ID CSCtz56314 (ASA5500-X Chassis Serial Number Not Visible from CLI), do not use the show version command.
Visual Inspection of the ASA Security Appliance
The serial number information is located on the bottom surface of the appliance.
Cisco provides the Serial Number Validation Tool to verify whether a device is impacted by this issue. To check the device, enter the serial number in the Serial Number Validation Tool.
Important: For security reasons, you must click the Serial Number Validation Tool link that is provided in this section. Do not copy and paste the link into a browser. Use of the Serial Number Validation Tool URL external to this field notice will fail.
Version | Description | Section | Date |
1.2 | Updated the solution. | Workaround/Solution | 2025-MAY-07 |
1.1 | Updated the Upgrade Program Information to use Support Case Manager (SCM). | Upgrade Program Information | 2023-JUL-24 |
1.0 | Initial Release | — | 2020-JUN-22 |
For further assistance or for more information about this field notice, contact the Cisco Technical Assistance Center (TAC) using one of the following methods:
To receive email updates about Field Notices (reliability and safety issues), Security Advisories (network security issues), and end-of-life announcements for specific Cisco products, set up a profile in My Notifications.
Unleash the Power of TAC's Virtual Assistance