
Cisco fixes bug allowing RSA private key theft on ASA, FTD devices
2022-08-10 17:37

Tracked as CVE-2022-20866, this security flaw is due to a weakness in handling RSA keys on ASA and FTD devices.

If successfully exploited, it can let unauthenticated attackers retrieve an RSA private key remotely, which they can use to decrypt the device traffic or impersonate Cisco ASA/FTD devices.

"This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography," Cisco said in a security advisory published on Wednesday.

Cisco says that if a key was ever configured for use, the RSA private key may already have been leaked to threat actors.

"As the result of this vulnerability, Cisco ASA or FTD device administrators may need to remove malformed or susceptible RSA keys and possibly revoke any certificates associated with those RSA keys," the company added.

Cisco's security advisory provides additional information on vulnerable configurations, indicators of compromise, and the fixed releases of Cisco ASA and FTD Software.

News URL

https://www.bleepingcomputer.com/news/security/cisco-fixes-bug-allowing-rsa-private-key-theft-on-asa-ftd-devices/

Related Vulnerability

Date: 2022-08-10
CVE: CVE-2022-20866
Title: Information Exposure Through Discrepancy vulnerability in Cisco products
Description: A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key.
Attack vector: network
Attack complexity: low
Vendor: cisco
CWE: CWE-203
Risk: 7.5

Related vendor

VENDOR   #/PRODUCTS   LOW   MEDIUM   HIGH   CRITICAL   TOTAL VULNS
Cisco    4409         230   3101     1852   602        5785
RSA      29           21    66       14     4          105