High Severity Security Flaw with Cisco ASA: Find It and Prioritize Patching Quickly

RedSeal Cyber Threat Series

Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software have a known vulnerability, CVE-2020-3452. It can allow an unauthenticated, remote attacker to conduct a directory traversal attack and read sensitive files on a targeted system.

By exploiting this vulnerability, the attacker can view files within the target device's web services file system. These files may contain information such as WebVPN configuration, bookmarks, web cookies, partial web content, and HTTP URLs. There are no workarounds that address this vulnerability.

Enterprises should patch their Cisco ASA Software and Firepower Software as soon as possible. The web services file system is at risk when the WebVPN or AnyConnect functionality is enabled. Note: The Cisco ASA or FTD system files and the underlying operating system files are not readable.

RedSeal customers should:

  1. Run a custom best practice check to receive a list of vulnerable devices.
  2. Create and run daily reports until all affected systems are patched.
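To illustrate the exposure condition above (the web services file system is at risk only when WebVPN or AnyConnect is enabled), the following added Python example flags which saved ASA configurations switch those web services on for an interface. It is not RedSeal's best practice check or Cisco code; the device names and config excerpts are constructed, the CLI forms it matches are assumptions noted in the comments, and it does not evaluate software release, which must be compared against Cisco's advisory.

```python
import re

# Constructed running-config excerpts for illustration; not from real devices.
SAMPLE_CONFIGS = {
    "asa-edge-01": """hostname asa-edge-01
webvpn
 enable outside
 anyconnect enable
""",
    "asa-core-02": """hostname asa-core-02
! webvpn block present, but not enabled on any interface
webvpn
 anyconnect enable
""",
    "asa-ike-03": """hostname asa-ike-03
crypto ikev2 enable outside client-services port 443
""",
}

# Assumed CLI forms: "enable <interface>" under "webvpn", and
# "crypto ikev2 enable <interface> client-services ..." at top level.
WEBVPN_ENABLE = re.compile(r"^\s+enable\s+(\S+)")
IKEV2_CLIENT = re.compile(r"^crypto ikev2 enable (\S+) client-services\b")

def web_services_interfaces(config):
    """Return the set of interfaces on which web services are switched on."""
    exposed, in_webvpn = set(), False
    for line in config.splitlines():
        if not line.strip() or line.lstrip().startswith("!"):
            continue  # blank line or comment
        if not line[0].isspace():
            # A top-level command opens or closes the webvpn sub-mode.
            in_webvpn = line.strip() == "webvpn"
            match = IKEV2_CLIENT.match(line)
        else:
            match = WEBVPN_ENABLE.match(line) if in_webvpn else None
        if match:
            exposed.add(match.group(1))
    return exposed

def triage(configs):
    """Map device name -> sorted exposed interfaces, omitting unexposed devices."""
    result = {}
    for name, config in configs.items():
        interfaces = web_services_interfaces(config)
        if interfaces:
            result[name] = sorted(interfaces)
    return result
```

Devices returned by `triage` are the ones to prioritize for patching; a device with a `webvpn` block but no `enable <interface>` line is not listed.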

For additional details, contact your RedSeal sales representatives or email info@redseal.net.

 
