Psst.. You may want to patch this under-attack data-slurping Cisco bug – and these Ripple20 hijack flaws
2020-07-25 01:14

The under-attack bug is CVE-2020-3452, a path-traversal flaw in Switchzilla's Adaptive Security Appliance and Firepower Threat Defense software that can be used to "Read sensitive files on a targeted system." While there was no publicly available exploit code for the high-severity bug when first publicized, a day after issuing its advisory, Cisco said the flaw was being targeted in the wild.

The Ripple20 vulnerabilities lie within the Treck IP stack used in Cisco gear and, if exploited, allow complete takeover of a vulnerable device.

The government agencies say miscreants are using weak points in IT networks to then move onto networks containing controllers and machinery using poorly secured sensors and monitoring chips.

The team at Kaspersky Lab uncovered a framework being used by North Korea's Lazarus hacking crew to infect, manage, and loot PCs. Dubbed MATA, the framework covers everything from malicious code used to first infect victims all the way through to orchestration tools that link up with command-and-control servers, plus various plugins the hackers use to perform the dirty work of pulling data from the infected machines.

They ask the vendors to consider that, under the pandemic, children and less technical users may be relying on their software to stay in touch as they shelter at home, and adjust management and privacy policies accordingly.


News URL

https://go.theregister.com/feed/www.theregister.com/2020/07/25/seucirty_roundup_cisco/

Related Vulnerability

| DATE | CVE | VULNERABILITY TITLE | RISK |
| --- | --- | --- | --- |
| 2020-07-22 | CVE-2020-3452 | Path Traversal vulnerability in Cisco Adaptive Security Appliance Software. A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. (network, low complexity, cisco, CWE-22) | 7.5 |

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751