Security News > 2021 > June > Cisco ASA Bug Now Actively Exploited as PoC Drops

Cisco ASA Bug Now Actively Exploited as PoC Drops
2021-06-25 16:08

Researchers at Positive Technologies published the PoC for the bug on Thursday.

Real-World Attacks for Cisco ASA. The Cisco ASA is a cybersecurity perimeter-defense appliance that combines firewall, antivirus, intrusion prevention and virtual private network capabilities, all meant to stop threats from making it onto corporate networks.

As Tenable researchers said: "An attacker would need to convince 'a user of the interface' to click on a specially crafted link." This can be accomplished via a spear-phishing email campaign targeting probable ASA users using malicious links, or via watering-hole attacks.

Thanks to the sheer size of its footprint, the Cisco ASA is no stranger to attention from cyberattackers.

The flaw tracked as CVE-2020-3580 was patched on October 21 as part of a group of XSS issues in Cisco's ASA as well as the Firepower Threat Defense software, which is a unified firewall image that includes ASA management.

"All four vulnerabilities exist because Cisco ASA and FTD software web services do not sufficiently validate user-supplied inputs," according to the advisory, which noted that the bug in question rates 6.1 out of 10 on the CVSSv3 vulnerability-severity scale.


News URL

https://threatpost.com/cisco-asa-bug-exploited-poc/167274/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2020-10-21 CVE-2020-3580 Cross-site Scripting vulnerability in Cisco products
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device.
network
low complexity
cisco CWE-79
6.1

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751