Security News > 2020 > July > Vulnerability in Cisco Firewalls Exploited Shortly After Disclosure

Vulnerability in Cisco Firewalls Exploited Shortly After Disclosure
2020-07-24 10:25

Cisco this week informed customers that it has patched a high-severity path traversal vulnerability in its firewalls that can be exploited remotely to obtain potentially sensitive files from the targeted system.

Cisco has also highlighted that exploiting the vulnerability only allows the attacker to access files on the web services file system, not ASA or FTD system files or files on the underlying operating system.

"The web services files that the attacker can view may have information such as WebVPN configuration, bookmarks, web cookies, partial web content, and HTTP URLs," Cisco explained.

"An attacker can send a specially crafted HTTP request to gain access to the file system, which stores data in RAM. Thus an attacker could read certain WebVPN files containing such information as the WebVPN configuration of Cisco ASA users, bookmarks, cookies, web content, and HTTP URLaddresses."

Cisco initially said it was not aware of any attacks exploiting CVE-2020-3452, but within hours the company updated its advisory to inform customers that a PoC exploit had been made available.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/xNqpWobFQAI/vulnerability-cisco-firewalls-exploited-shortly-after-disclosure

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2020-07-22 CVE-2020-3452 Path Traversal vulnerability in Cisco Adaptive Security Appliance Software
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system.
network
low complexity
cisco CWE-22
7.5

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751