Bored at home? Cisco has just the thing: A shed-load of security fixes to install, from a Kerberos bypass to crashes
Despite the absence of a critical remote code or command execution bug, the patches include a number of serious programming blunders, particularly in the context of the network security appliances where they were found.
The Adaptive Security Appliance range - Cisco's fancy term for a firewall - is host to 11 of the bug fixes.
Among the more serious is CVE-2020-3125, a Kerberos bypass that can be exploited by "an unauthenticated, remote attacker to impersonate the Kerberos key distribution center and bypass authentication on an affected device that is configured to perform Kerberos authentication for VPN or local device access."
Other fixes include HTTP header injection bugs in Umbrella, HTTP detection security bypass bugs in multiple routers and security appliances, and a bug in Cisco Content SMA allowing users to be redirected to attack sites.
Admins are advised to test and install the patches as soon as possible, hopefully before next Tuesday when Microsoft, Intel, Adobe, and SAP are due to deliver their monthly security fixes.
News URL: https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/05/07/cisco_may_patches/
Related Vulnerability

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2020-05-06 | CVE-2020-3125 | Improper Authentication vulnerability in Cisco products | A vulnerability in the Kerberos authentication feature of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to impersonate the Kerberos key distribution center (KDC) and bypass authentication on an affected device that is configured to perform Kerberos authentication for VPN or local device access. | 9.8 |