Patch released for Cisco ASA firewall vulnerability discovered by Positive Technologies

Positive Technologies expert Mikhail Klyuchnikov has uncovered a dangerous vulnerability in the Cisco ASA firewall. With it, an unauthenticated remote attacker could access files relating to the device's web interface, potentially causing disclosure of sensitive information. Cisco has published a software update and recommends installing it as soon as possible.
Klyuchnikov commented: "This vulnerability, known as CVE-2020-3452 and having a CVSSv3 score of 7.5, is highly dangerous. The cause is a failure to sufficiently verify inputs. An attacker can send a specially crafted HTTP request to gain access to the file system (RamFS), which stores data in RAM. Thus an attacker could read certain WebVPN files containing such information as the WebVPN configuration of Cisco ASA users, bookmarks, cookies, web content, and HTTP URL addresses."
To eliminate the vulnerability, update Cisco ASA to the most recent version.
Previously, Positive Technologies had discovered Cisco ASA vulnerability CVE-2020-3187 (score 9.1), exploitation of which could be used to disable the Cisco ASA VPN. A second vulnerability, CVE-2020-3259 (score 7.5), potentially enabled an attacker to read portions of the device memory, find a current token, and thereby access an organization's internal network.