Security News > 2021 > June > Cisco ASA vulnerability actively exploited after exploit released
Hackers are scanning for and actively exploiting a vulnerability in Cisco ASA devices after a PoC exploit was published on Twitter.
This Cisco ASA vulnerability is cross-site scripting vulnerability that is tracked as CVE-2020-3580.
On Thursday, researchers from Positive Technologies Offensive Team published a PoC exploit for the Cisco ASA CVE-2020-3580 vulnerability on Twitter.
The released exploit will display a JavaScript alert in the user's browser when they visit a specially crafted malicious webpage.
Soon after the PoC was released, Tenable reported that threat actors are actively exploiting the vulnerability on affected devices but did not disclose what malicious activity was being performed.
As threat actors are now actively exploiting the vulnerability, it is crucial for administrators to immediately patch vulnerable Cisco ASA devices so threat actors cannot exploit them.
News URL
Related news
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners (source)
- Cisco warns of denial of service flaw with PoC exploit code (source)
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-21 | CVE-2020-3580 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. | 6.1 |