{"id":42213,"date":"2021-06-28T09:42:32","date_gmt":"2021-06-28T09:42:32","guid":{"rendered":"http:\/\/icloud.pe\/blog\/?guid=50a17e829e4dcfc12a4c35879cb4a796"},"modified":"2021-06-28T09:42:32","modified_gmt":"2021-06-28T09:42:32","slug":"cisco-flaw-under-attack-after-researchers-publish-exploit-poc","status":"publish","type":"post","link":"https:\/\/icloud.pe\/blog\/cisco-flaw-under-attack-after-researchers-publish-exploit-poc\/","title":{"rendered":"Cisco flaw under attack after researchers publish exploit PoC"},"content":{"rendered":"


\n Keumars Afifi-Sabet<\/a><\/span>
\n <\/span><\/p>\n

\n
\n
28 Jun, 2021<\/span><\/div>\n<\/p><\/div>\n<\/div>\n

\n<\/a><\/p>\n

\n

Hackers<\/a> are targeting a vulnerability in Cisco\u2019s Adaptive Security Appliance (ASA) after security researchers published a proof-of-concept (PoC<\/span>) for a successful exploit.<\/p>\n

Positive Technologies SWARM, the security company\u2019s offensive research team, published an exploit PoC<\/a>\u00a0for the flaw tracked as CVE<\/span>-2020-3580 last week. This was originally patched in October 2020 alongside CVE<\/span>-2020-3581 through to CVE<\/span>-2020-3583.<\/p>\n

<\/p>\n

\nThis issue, which is considered to be moderately severe, concerns multiple vulnerabilities in the web services interface of Cisco ASA software and Cisco Firepower Threat Defense<\/span> (FTD<\/span>) software.\u00a0<\/p>\n

On unpatched systems, Cisco ASA\/FTD<\/span> software web services don\u2019t sufficiently validate user-supplied inputs. To exploit the bug successfully, hackers would need to convince a user on the interface to click on a malicious link<\/a>. The vulnerability is rated 6.1 out of ten on the CVSS<\/span> threat severity scale.<\/p>\n

Exploitation could allow an attacker to remotely conduct cross-site scripting (XSS) attacks<\/a> on affected devices that haven\u2019t been patched. Cisco ASA Software is the core operating system that powers the Cisco ASA family, comprising devices that offer firewall tools among other security-oriented services.<\/p>\n

Since the PoC<\/span> was posted online, Positive Technologies researcher Mikhail Klyuchnikov<\/a>\u00a0reported that many other researchers are also chasing bug bounties for this vulnerability. Tenable researchers<\/a> have also reported that attacks are exploiting CVE<\/span>-2020-3580.<\/p>\n

Cisco issued a patch for this flaw in October 2020, but the fix for CVE<\/span>-2020-3581 was only partial, and the company had to issue a second patch in April this year. As of last July, there were 85,000 ASA\/FTD<\/span> devices distributed across the business landscape.\u00a0<\/p>\n

Cisco Adaptive Security Appliance (ASA) Software is the core operating system that powers the Cisco ASA family. It offers firewall tools for various ASA devices, with ASA Software also integrating with other critical security technologies to deliver security-oriented products.\u00a0<\/p>\n

Businesses are being advised to patch their systems<\/a> with the latest update to avoid falling victim to successful attacks. <\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"

Keumars Afifi-Sabet<\/p>\n

28 Jun, 2021 <\/p>\n

Hackers are targeting a vulnerability in Cisco\u2019s Adaptive Security Appliance (ASA) after security researchers published a proof-of-concept (PoC) for a successful exploit.
\nPositive Technol…<\/p>\n","protected":false},"author":433,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-42213","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/42213","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/users\/433"}],"replies":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/comments?post=42213"}],"version-history":[{"count":1,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/42213\/revisions"}],"predecessor-version":[{"id":42214,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/42213\/revisions\/42214"}],"wp:attachment":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/media?parent=42213"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/categories?post=42213"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/tags?post=42213"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}