CISCO ASA

Pierluigi Paganini February 17, 2024
CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) in attacks in the wild. This week the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco ASA and FTD bug, tracked as CVE-2020-3259 (CVSS score: 7.5), to its Known Exploited Vulnerabilities catalog. The vulnerability CVE-2020-3259 is an information disclosure issue that resides […]

Pierluigi Paganini February 16, 2024
CISA adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: The vulnerability CVE-2020-3259 is an information disclosure issue that resides in the web services […]

Pierluigi Paganini September 08, 2023
Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks

A zero-day vulnerability (CVE-2023-20269) in Cisco ASA and FTD is actively exploited in ransomware attacks, the company warns. Cisco warns that a zero-day vulnerability (CVE-2023-20269) in Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) is actively exploited by ransomware groups to gain initial access to corporate networks. An unauthenticated, remote attacker can exploit […]

Pierluigi Paganini August 11, 2022
Cisco fixed a flaw in ASA, FTD devices that can give access to RSA private key

Cisco addressed a high severity flaw, tracked as CVE-2022-20866, affecting Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. Cisco addressed a high severity vulnerability in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. The flaw, tracked as CVE-2022-20866, impacts the handling of RSA keys on devices running Cisco ASA Software and […]

Pierluigi Paganini July 17, 2021
Cisco fixes high-risk DoS flaw in ASA, FTD Software

Cisco addressed a high severity DoS vulnerability in the Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. Cisco this week released security updates for a high severity vulnerability in the Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) products. The flaw resides in the software cryptography module of both ASA and FTD […]

Pierluigi Paganini June 27, 2021
Hackers target Cisco ASA devices after a PoC exploit code was published online

Experts warn of attacks against Cisco ASA devices after researchers have published a PoC exploit code on Twitter for a known XSS vulnerability. Experts warn of attacks against Cisco ASA devices after researchers from Positive Technologies have published a PoC exploit code on Twitter for the CVE-2020-3580 XSS vulnerability. Tenable experts published an alert about […]

Pierluigi Paganini July 24, 2020
CVE-2020-3452 flaw in Cisco ASA/FTD exploited within hours after the disclosure

Cisco fixed CVE-2020-3452 high-severity path traversal flaw in its firewalls that can be exploited by remote attackers to obtain sensitive files from the targeted system. Cisco addressed a high-severity path traversal vulnerability in its firewalls, tracked as CVE-2020-3452, that can be exploited by remote attackers to obtain potentially sensitive files from the targeted system. Cisco […]

Pierluigi Paganini December 21, 2019
Watch out, hackers are targeting CVE-2018-0296 Cisco fixed in 2018

Cisco has warned customers that hackers continue to target Cisco ASA and Firepower Appliance products by exploiting the CVE-2018-0296 flaw. Experts warn that threat actors continue to exploit the CVE-2018-0296 flaw to target Cisco ASA and Firepower Appliance. The vulnerability could be exploited by a remote, unauthenticated attacker to gain access to sensitive information through […]

Pierluigi Paganini December 23, 2018
Cisco ASA is affacted by a privilege escalation flaw. Patch it now!

Cisco Adaptive Security Appliance (ASA) Software is affected by a vulnerability that could be exploited by an attacker to retrieve files or replace software images on a device.  A privilege escalation vulnerability tracked as CVE-2018-15465 affects the Cisco Adaptive Security Appliance (ASA) software. The flaw could be exploited by an unauthenticated, remote attacker to perform […]

Pierluigi Paganini February 11, 2018
Hackers are exploiting the CVE-2018-0101 CISCO ASA flaw in attacks in the wild

Hackers are exploiting the CVE-2018-0101 CISCO ASA flaw in attacks in the wild and a Proof-of-concept exploit code is available online. This week, Cisco has rolled out new security patches for a critical vulnerability, tracked as CVE-2018-0101, in its CISCO ASA (Adaptive Security Appliance) software. This is the second the tech giant issued a security patch to fix the […]