Cyber security news for all

More

    Cisco Network Security Flaw Leaks Sensitive Data

    The flaw exists in Cisco s network security Firepower Threat Defense (FTD) software and its Adaptive Security Appliance (ASA) software.

    The vulnerability—(CVE-2020-3452), which is as a result of improper input validation of URLs in HTTP requests processes by affected devices—in Cisco, networks can lead to exposure of sensitive data.

    Cisco said, “it’s not aware of any malicious exploits for the vulnerability – however, it is aware of proof-of-concept (POC) exploit code released Wednesday by security researcher Ahmed Aboul-Ela.”

    This vulnerability gives access to hackers to conduct directory traversal attacks. Directory traversal attacks are HTTP attack enabling bad actors to access restricted directories and execute commands outside of the web server’s root directory.

    “The flaw exists in the web services interface of Cisco’s Firepower Threat Defense (FTD) software. This is part of its suite of network security and traffic management products; and its Adaptive Security Appliance (ASA) software, the operating system for its family of ASA corporate network security devices.”

    Cisco has explained that the recent vulnerability affects only users making use of the old Cisco ASA Software or Cisco FTD Software with a vulnerable  WebVPN configuration or AnyConnect.

    What this flaw spells for Cisco is that a threat actor can only access files bedded within the web services—enabled for specific WebVPN and AnyConnect features—which contains information like WebVPN configuration, bookmarks, web cookies, partial web content and HTTP URLs.

    According to Cisco’s advisory, “the web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. However, this vulnerability can’t be used to obtain access to ASA or FTD system files or the underlying operating system (OS) files.”

    Also, an attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device.”

    “This vulnerability… is highly dangerous,” said Mikhail Klyuchnikov of Positive Technologies, who is credited with independently reporting the flaw (along with Ahmed Aboul-Ela of RedForce), in a statement. The cause is a failure to verify inputs sufficiently. An attacker can send a specially crafted HTTP request to gain access to the file system (RamFS); which stores data in RAM.”

    An earlier vulnerability occurred in May when Cisco got rid of 12-high-severity-vulnerabilities across its ASA and FTD network security products.

    In the light of the flaw, Klyuchnikov has urged Cisco users to update their Cisco ASA.

    Recent Articles

    Unauthorized access at Scalable Capital

    There has apparently been unauthorized access to individual data at Scalable Capital. The company informed its customers about the incident by mail yesterday, referring...

    The US accuses Russian officers of being in charge for cyber attacks

    The US government has brought charges against Russians who are alleged to have been involved in various cyber attacks as officers of the military...

    Twitter changed its rules for dealing with hacked data

    On Friday night, access to Twitter was disconnected for about two hours. The Chief Engineer announced that the reason was a rebuild in the...

    Norway sees Russia as the perpetrator of the cyber attack

    "It is important that our government refuses to send the Russians a clear sign that we do not know," said the Norway government. According...

    Phishing mail with an incorrect form for Corona bridging aid

    The representation of the European Commission warned of a phishing attempt targeting small and medium sized enterprises. Under the pretext for corona bridging aid,...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox