Security News > 2020 > July > Vulnerability in Cisco Firewalls Exploited Shortly After Disclosure

Cisco this week informed customers that it has patched a high-severity path traversal vulnerability in its firewalls that can be exploited remotely to obtain potentially sensitive files from the targeted system.

Cisco has also highlighted that exploiting the vulnerability only allows the attacker to access files on the web services file system, not ASA or FTD system files or files on the underlying operating system.

"The web services files that the attacker can view may have information such as WebVPN configuration, bookmarks, web cookies, partial web content, and HTTP URLs," Cisco explained.

"An attacker can send a specially crafted HTTP request to gain access to the file system, which stores data in RAM. Thus an attacker could read certain WebVPN files containing such information as the WebVPN configuration of Cisco ASA users, bookmarks, cookies, web content, and HTTP URLaddresses."

Cisco initially said it was not aware of any attacks exploiting CVE-2020-3452, but within hours the company updated its advisory to inform customers that a PoC exploit had been made available.

News URL

http://feedproxy.google.com/~r/Securityweek/~3/xNqpWobFQAI/vulnerability-cisco-firewalls-exploited-shortly-after-disclosure