Security News > 2021 > June > Cisco security devices targeted with CVE-2020-3580 PoC exploit
Attackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software.
Active attacks apparently started after Positive Technologies researchers shared proof-of-concept exploit code last Thursday via Twitter.
In April 2021, Cisco released new software updates because the fix for CVE-2020-3581 was incomplete.
Nine months have passed since CVE-2020-3580 was fixed, and Positive Technologies researchers were apparently confident that enough organizations have implemented the security updates and that releasing the PoC exploit code would not be widely damaging.
According to Tenable, attackers have started actively exploiting CVE-2020-3580 in the wild.
Cisco's updated security advisory can serve as a guide.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/D2yoG11oQnk/
Related news
- Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk? (source)
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
- New Security Flaws Found in VMware Tools and CrushFTP — High Risk, PoC Released (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-21 | CVE-2020-3580 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. | 6.1 |
| 2020-10-21 | CVE-2020-3581 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. | 6.1 |