Security News > 2021 > June > Cisco security devices targeted with CVE-2020-3580 PoC exploit
Attackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software.
Active attacks apparently started after Positive Technologies researchers shared proof-of-concept exploit code last Thursday via Twitter.
In April 2021, Cisco released new software updates because the fix for CVE-2020-3581 was incomplete.
Nine months have passed since CVE-2020-3580 was fixed, and Positive Technologies researchers were apparently confident that enough organizations have implemented the security updates and that releasing the PoC exploit code would not be widely damaging.
According to Tenable, attackers have started actively exploiting CVE-2020-3580 in the wild.
Cisco's updated security advisory can serve as a guide.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/D2yoG11oQnk/
Related news
- Cisco warns of denial of service flaw with PoC exploit code (source)
- 390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits (source)
- Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection (source)
- Critical security hole in Apache Struts under exploit (source)
- Adobe warns of critical ColdFusion bug with PoC exploit code (source)
- LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers (source)
- Security pros baited with fake Windows LDAP exploit traps (source)
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-21 | CVE-2020-3580 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. | 6.1 |
| 2020-10-21 | CVE-2020-3581 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. | 6.1 |