Security News > 2024 > March > Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client
2024-03-08 08:09
Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user. The networking equipment company described the vulnerability, tracked as CVE-2024-20337 (CVSS score: 8.2), as allowing an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF
News URL
https://thehackernews.com/2024/03/cisco-issues-patch-for-high-severity.html
Related news
- Cisco patches Secure Client VPN flaw that could reveal authentication tokens (CVE-2024-20337) (source)
- Cisco warns of password-spraying attacks targeting VPN services (source)
- Cisco warns of large-scale brute-force attacks against VPN services (source)
- Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services (source)