Security News
An unauthenticated file read vulnerability affecting Cisco Adaptive Security Appliance and Firepower Threat Defense software is being exploited by attackers in the wild. There's a proof of concept doing the rounds for directory path traversal in Cisco AnyConnect SSL VPN. It's already being mass spammed across internet.
Specifically affected is Cisco's Firepower Threat Defense software, which is part of its suite of network security and traffic management products; and its Adaptive Security Appliance software, the operating system for its family of ASA corporate network security devices. The most severe flaw exists in the web service interfaces for ASA software and FTD software.
Cisco has fixed 12 vulnerabilities in Cisco Data Center Network Manager, a platform for managing Cisco switches and fabric extenders that run NX-OS, and has warned about a spike in exploitation attempts of an old flaw affecting Cisco Adaptive Security Appliance and Firepower Appliance software. "The vulnerabilities are not dependent on one another; exploitation of one of the vulnerabilities is not required to exploit another vulnerability," Cisco shared.
Cisco has warned customers that a vulnerability patched last year in its Adaptive Security Appliance (ASA) and Firepower Appliance products continues to be targeted by hackers. read more
Cisco has informed users that a recently patched vulnerability affecting its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software has been exploited in denial-of-service...
A high-severity vulnerability affecting Cisco ASA and Firepower security appliances is being exploited in the wild after an exploit has been released online on Friday. “Cisco PSIRT has become...
Cisco has patched a critical vulnerability in the Identity Firewall feature of Cisco ASA Software, which would allow a remote attacker to execute arbitrary code and obtain full control of the...
Among the Equation Group exploits leaked by the Shadow Brokers, the one named EXTRABACON that targets Cisco ASA devices got the most attention from security researchers and attackers. It has been...