The vulnerability, CVE-2020-3259, impacts Cisco's Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) products.
The vulnerability, CVE-2020-3259, impacts Cisco's Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) products.
It allows a remote, unauthenticated attacker to potentially retrieve sensitive information from the memory of a vulnerable device, including access credentials.
“During the past weeks, the Truesec CSIRT team found forensic data indicating that the Akira Ransomware group might be actively exploiting an old Cisco ASA (Adaptive Security Appliance) and FTD (Firepower Threat Defence) vulnerability tracked as CVE-2020-3259.” states the report published by Truesec.
Devices with the Anyconnect SSL VPN feature enabled are susceptible to exploitation of this vulnerability.
The vulnerability can be exploited by an attacker to extract sensitive data, such as usernames and passwords, from the memory of the impacted devices.
The researchers investigated eight incidents related to the Akira ransomware. They determined that the vulnerability in Cisco Anyconnect SSL VPN served as the entry point for at least six of the compromised devices.
“When the vulnerability was made public in 2020, no known public exploits were available. However, there are now indications that this vulnerability might be actively exploited.” continues the report.
CISA orders federal agencies to fix this vulnerability CVE-2020-3259 by 7 March 2024.
Want your digital assets to be protected?
CyberShelter provides innovative and modern cybersecurity products and niche services to individuals and organization against all kinds of cyber threats.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?