SUMMARY:
- Critical Patch Alert: Cisco ASA customers should urgently address a 10-year-old WebVPN vulnerability (CVE-2014-2120) that attackers are currently exploiting in the wild.
- XSS Threat Identified: The flaw allows unauthenticated attackers to carry out cross-site scripting (XSS) attacks through malicious links, potentially compromising sensitive data and injecting malware.
- Active Exploitation: Recent reports highlight that malware such as AndroxGh0st is leveraging CVE-2014-2120, prompting Cisco to update its advisory in November 2024.
- Government Action Required: CISA added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalogue, mandating that federal agencies patch it by December 3, 2024.
- No Workaround Available: Upgrading the Cisco ASA software to a patched version is the only solution; reach out to Cisco support or your service provider to secure your network.
If you're using a Cisco Adaptive Security Appliance (ASA) for your network security, it's time to patch a critical vulnerability that has, surprisingly, been around for ten years.
Cisco recently updated an advisory about a security flaw in the WebVPN login page of its ASA software, which could allow an unauthenticated, remote attacker to execute a cross-site scripting (XSS) attack against anyone using WebVPN on the Cisco ASA.
This vulnerability, tracked as CVE-2014-2120, is a medium-severity issue caused by insufficient input validation of a parameter. It can be exploited by convincing a user to open a malicious link; doing so could trick the user into giving away sensitive information, allow the attacker to hijack the browsing session, or even lead to malware being injected.
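Because the flaw is a reflected XSS reached through a crafted link to the WebVPN login page, one practical detection control is to scan web access logs for requests to that page whose query parameters carry script-like markup. The following is an added example written for this article, not code from Cisco or the advisory: it assumes the ASA WebVPN login path is /+CSCOE+/logon.html, uses constructed Apache-style log lines, and inspects every parameter because the advisory does not name the vulnerable one.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample access-log lines (Apache combined style); not real ASA logs.
SAMPLE_LOG = """\
203.0.113.5 - - [14/Nov/2024:10:01:02 +0000] "GET /+CSCOE+/logon.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [14/Nov/2024:10:02:11 +0000] "GET /+CSCOE+/logon.html?reason=1&a=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 5203 "-" "curl/8.0"
203.0.113.9 - - [14/Nov/2024:10:03:45 +0000] "GET /+CSCOE+/logon.html?group=sales HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [14/Nov/2024:10:04:01 +0000] "GET /images/logo.png?x=%3Cscript%3E HTTP/1.1" 200 880 "-" "Mozilla/5.0"
203.0.113.11 - - [14/Nov/2024:10:05:33 +0000] "GET /+CSCOE+/logon.html?next=javascript%3Aalert(document.cookie) HTTP/1.1" 200 5203 "-" "Mozilla/5.0"
"""

# Assumed WebVPN login path for this example; adjust to what your logs actually show.
WEBVPN_LOGIN_PATH = "/+CSCOE+/logon.html"

# Pull client IP, timestamp and request target out of a combined-format line.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*"'
)
# Markup that has no business in a login-page parameter: tags, javascript: URLs, event handlers.
MARKUP_RE = re.compile(
    r"<\s*/?\s*(script|img|svg|iframe)\b|javascript\s*:|\bon[a-z]+\s*=", re.IGNORECASE
)


def flag_reflected_xss_attempts(log_text: str) -> list[dict]:
    """Return one record per request to the WebVPN login page whose query string
    contains script-like content after URL decoding (double encoding included)."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line we understand
        parts = urlsplit(m["target"])
        if parts.path != WEBVPN_LOGIN_PATH:
            continue  # only the login page is in scope for this flaw
        # parse_qsl decodes once; a second unquote catches %253C -> %3C -> <.
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            decoded = unquote(value)
            if MARKUP_RE.search(decoded):
                hits.append({"ip": m["ip"], "time": m["ts"], "param": name, "value": decoded})
                break  # one alert per request is enough
    return hits


if __name__ == "__main__":
    for hit in flag_reflected_xss_attempts(SAMPLE_LOG):
        print(f"{hit['time']} {hit['ip']} param={hit['param']!r} value={hit['value']!r}")
```

A hit in these logs does not prove the appliance is vulnerable, only that someone is probing for the bug; the fix remains upgrading to a patched ASA release.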
The vulnerability itself isn't new; Cisco first issued a warning back in March 2014. However, the company's recent update highlights a concerning development: attackers are actively trying to exploit this decade-old bug.
In November 2024, the Cisco Product Security Incident Response Team (PSIRT) identified this emerging pattern of new exploitation attempts. This coincides with a report from security firm CloudSEK, which revealed that malware known as AndroxGh0st is using CVE-2014-2120 (among others) to spread.
It's worth noting that CISA added CVE-2014-2120 to its KEV (Known Exploited Vulnerabilities) catalogue on November 12, requiring government agencies to address it by December 3, 2024.
The re-exploitation of this flaw shows the need for timely software updates and security patches. Unfortunately, there is no quick fix or workaround for this vulnerability. Your only protection is to upgrade your Cisco ASA software to a version that includes the patch. Don't wait; contact your Cisco support channel and get the update process rolling. Upgrading is essential to ensure your network stays secure.
Customers whose Cisco products are provided or maintained through agreements with third-party support organizations, such as Cisco partners, resellers, or service providers, should consult those providers to determine the best workaround or fix for their networks before deployment.
Jason Soroko, Senior Fellow at Sectigo, a Scottsdale, Arizona-based provider of comprehensive certificate lifecycle management (CLM), weighed in on the situation, stating, “These attacks highlight how technical debt and low cybersecurity maturity can compound risk. Many organizations struggle with basic cybersecurity capabilities, leaving them vulnerable to both historic and emerging threats.”
“If adversaries can exploit older flaws, they will. Addressing the risks associated with legacy systems is imperative; however, it demands investments that many organizations lack the resources to make,” Jason explained.