Cisco fixes bug allowing RSA private key theft on ASA, FTD devices
Tracked as CVE-2022-20866, this security flaw is due to a weakness in handling RSA keys on ASA and FTD devices.
If successfully exploited, it can let unauthenticated attackers retrieve an RSA private key remotely, which they can use to decrypt the device traffic or impersonate Cisco ASA/FTD devices.
"This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography," Cisco said in a security advisory published on Wednesday.
Cisco says that if a key was configured for use at any time, it is also possible that the RSA private key has been leaked to threat actors.
"As the result of this vulnerability, Cisco ASA or FTD device administrators may need to remove malformed or susceptible RSA keys and possibly revoke any certificates associated with those RSA keys," the company added.
Cisco's security advisory provides additional information on vulnerable configurations, indicators of compromise, and the fixed releases of Cisco ASA and FTD Software.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK
---|---|---|---
2022-08-10 | CVE-2022-20866 | Information Exposure Through Discrepancy vulnerability in Cisco products: A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. | 7.5