Security News

Cisco Patches High-Risk Flaw in ASA, FTD Software
2021-07-16 16:27

Cisco on Thursday released patches for a high severity vulnerability in the Adaptive Security Appliance and Firepower Threat Defense software, warning that exploitation could lead to crippling denial-of-service attacks. In an advisory that carries a 'high-severity' rating, Cisco said the software cryptography module of both ASA and FTD software is affected by a vulnerability exploitable by either a remote authenticated attacker or an unauthenticated attacker in a man-in-the-middle position.

Cisco ASA Flaw Under Active Attack After PoC Exploit Posted Online
2021-06-30 08:48

A security vulnerability in Cisco Adaptive Security Appliance that was addressed by the company last October, and again earlier this April, has been subjected to active in-the-wild attacks following the release of proof-of-concept exploit code. The PoC was published by researchers from cybersecurity firm Positive Technologies on June 24, following which reports emerged that attackers are chasing after an exploit for the bug.

Cisco ASA vulnerability actively exploited after exploit released
2021-06-27 16:31

Hackers are scanning for and actively exploiting a vulnerability in Cisco ASA devices after a PoC exploit was published on Twitter. This Cisco ASA vulnerability is cross-site scripting vulnerability that is tracked as CVE-2020-3580.

Cisco ASA Bug Now Actively Exploited as PoC Drops
2021-06-25 16:08

Researchers at Positive Technologies published the PoC for the bug on Thursday. Real-World Attacks for Cisco ASA. The Cisco ASA is a cybersecurity perimeter-defense appliance that combines firewall, antivirus, intrusion prevention and virtual private network capabilities, all meant to stop threats from making it onto corporate networks.

Attackers are exploiting Cisco ASA/FTD flaw in search for sensitive data
2020-07-27 11:24

An unauthenticated file read vulnerability affecting Cisco Adaptive Security Appliance and Firepower Threat Defense software is being exploited by attackers in the wild. There's a proof of concept doing the rounds for directory path traversal in Cisco AnyConnect SSL VPN. It's already being mass spammed across internet.

Cisco Fixes High-Severity Flaws In Firepower Security Software, ASA
2020-05-07 18:43

Specifically affected is Cisco's Firepower Threat Defense software, which is part of its suite of network security and traffic management products; and its Adaptive Security Appliance software, the operating system for its family of ASA corporate network security devices. The most severe flaw exists in the web service interfaces for ASA software and FTD software.

Cisco Data Center Network Manager flaws fixed, Cisco ASA appliances under attack
2020-01-06 11:08

Cisco has fixed 12 vulnerabilities in Cisco Data Center Network Manager, a platform for managing Cisco switches and fabric extenders that run NX-OS, and has warned about a spike in exploitation attempts of an old flaw affecting Cisco Adaptive Security Appliance and Firepower Appliance software. "The vulnerabilities are not dependent on one another; exploitation of one of the vulnerabilities is not required to exploit another vulnerability," Cisco shared.

Hackers Continue to Exploit Cisco ASA Vulnerability Patched Last Year
2019-12-20 19:25

Cisco has warned customers that a vulnerability patched last year in its Adaptive Security Appliance (ASA) and Firepower Appliance products continues to be targeted by hackers. read more

Cisco ASA Flaw Exploited in DoS Attacks
2018-06-27 04:50

Cisco has informed users that a recently patched vulnerability affecting its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software has been exploited in denial-of-service...

Cisco ASA and Firepower flaw exploited in the wild
2018-06-26 20:40

A high-severity vulnerability affecting Cisco ASA and Firepower security appliances is being exploited in the wild after an exploit has been released online on Friday. “Cisco PSIRT has become...