Cyber security news for all


    Cisco Network Security Flaw Leaks Sensitive Data

    The flaw exists in Cisco's network security Firepower Threat Defense (FTD) software and its Adaptive Security Appliance (ASA) software.

    The vulnerability (CVE-2020-3452), which results from improper input validation of URLs in HTTP requests processed by affected devices, can lead to exposure of sensitive data.

    Cisco said, “it’s not aware of any malicious exploits for the vulnerability – however, it is aware of proof-of-concept (POC) exploit code released Wednesday by security researcher Ahmed Aboul-Ela.”

    This vulnerability lets attackers conduct directory traversal attacks. A directory traversal attack is an HTTP attack that enables bad actors to access restricted directories and execute commands outside of the web server’s root directory.

    “The flaw exists in the web services interface of Cisco’s Firepower Threat Defense (FTD) software. This is part of its suite of network security and traffic management products; and its Adaptive Security Appliance (ASA) software, the operating system for its family of ASA corporate network security devices.”

    Cisco has explained that the vulnerability affects only users running an old release of Cisco ASA Software or Cisco FTD Software with a vulnerable WebVPN or AnyConnect configuration.

    In practice, this means a threat actor can access only files within the web services file system, which is enabled for specific WebVPN and AnyConnect features and contains information such as WebVPN configuration, bookmarks, web cookies, partial web content and HTTP URLs.

    According to Cisco’s advisory, “the web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. However, this vulnerability can’t be used to obtain access to ASA or FTD system files or the underlying operating system (OS) files.”

    Also, “an attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device.”

    “This vulnerability… is highly dangerous,” said Mikhail Klyuchnikov of Positive Technologies, who is credited with independently reporting the flaw (along with Ahmed Aboul-Ela of RedForce), in a statement. “The cause is a failure to verify inputs sufficiently. An attacker can send a specially crafted HTTP request to gain access to the file system (RamFS), which stores data in RAM.”

    An earlier round of fixes came in May, when Cisco got rid of 12 high-severity vulnerabilities across its ASA and FTD network security products.

    In the light of the flaw, Klyuchnikov has urged Cisco users to update their Cisco ASA.
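
For defenders reviewing web logs from a device's web services interface, the "crafted HTTP request containing directory traversal character sequences" described above can be hunted for as follows. This is an added example, not code from Cisco's advisory or the original article: the Common Log Format input, the paths, parameter names and addresses are all constructed assumptions, and it goes beyond the article by also catching percent-encoded and double-encoded sequences.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# A ".." path segment delimited by "/" or "\" (or by string start/end).
TRAVERSAL = re.compile(r"(^|[\\/])\.\.([\\/]|$)")
# Common Log Format (assumed): captures client, request target, status.
LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3})')

# Constructed sample lines: documentation IP ranges and made-up paths.
SAMPLE_LOG = [
    '192.0.2.10 - - [23/Jul/2020:10:01:02 +0000] "GET /portal/index.html HTTP/1.1" 200 512',
    '192.0.2.10 - - [23/Jul/2020:10:01:05 +0000] "GET /portal/v1..2/notes.txt HTTP/1.1" 200 90',
    '198.51.100.7 - - [23/Jul/2020:10:02:11 +0000] "GET /portal/../../settings.cfg HTTP/1.1" 404 0',
    '198.51.100.7 - - [23/Jul/2020:10:02:14 +0000] "GET /portal/load?lang=en&name=%2e%2e%2f%2e%2e%2fsession.dat HTTP/1.1" 200 2048',
    '203.0.113.5 - - [23/Jul/2020:10:03:40 +0000] "GET /portal/load?name=%252e%252e%255cbookmarks HTTP/1.1" 200 731',
]

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%252e) is exposed."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def traversal_fields(request_target):
    """Name the parts of a request target that carry a '..' segment."""
    parts = urlsplit(request_target)
    hits = ["path"] if TRAVERSAL.search(fully_decode(parts.path)) else []
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if TRAVERSAL.search(fully_decode(value)):
            hits.append("query:" + name)
    return hits

def scan_access_log(lines):
    """Return (client, status, fields) for every request with traversal input."""
    findings = []
    for line in lines:
        match = LOG_LINE.match(line)
        fields = traversal_fields(match.group(2)) if match else []
        if fields:
            findings.append((match.group(1), int(match.group(3)), fields))
    return findings

if __name__ == "__main__":
    for client, status, fields in scan_access_log(SAMPLE_LOG):
        print(client, status, ",".join(fields))
```

Findings with a 200 status deserve attention first, since they indicate the device answered the request rather than rejecting it.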
