Attackers have developed exploit code and are now exploiting a high-severity vulnerability, CVE-2020-3452, in Cisco ASA and FTD software.
The read-only path traversal vulnerability CVE-2020-3452 exists in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software.
The flaw is caused by improper input validation of URLs in HTTP requests processed by impacted Cisco devices.
As a result, a remote unauthenticated attacker could launch a directory traversal attack and read sensitive files on targeted Cisco devices.
“Cisco has become aware of the availability of public exploit code and active exploitation of the vulnerability,” Cisco warned in the advisory.
In addition, devices running on older software versions are vulnerable if they are configured with either WebVPN or AnyConnect features.
Cisco and other security firms, including Rapid7, are urging immediate patching of vulnerable Cisco devices.
Readers may remember Cisco also released patches for several other Critical VPN Firewall vulnerabilities nearly two weeks ago.
- Cisco patches Critical vulnerabilities in VPN and Router products
- Cisco patches small business switch high risk vulnerability (CVE-2020-3297) and 7 other security issues
- Organizations need heightened level of Enterprise VPN security in the wake of Coronavirus Pandemic
- Alert: Threat actors continue to exploit patched Pulse Secure VPN devices