Rewterz Threat Advisory – Citrix Releases Security Updates for Hypervisor
June 28, 2021
Rewterz Threat Alert – Lazarus APT Group – Active IOCs
June 28, 2021
Severity
High
Analysis Summary
The Cisco Adaptive Security Appliance Software vulnerability (CVE-2020-3580) is being actively exploited by threat actors after its PoC was released on Twitter. Cisco released information on the vulnerability and patches back in October 2020, and fixed it further in April 2021.
An unauthenticated threat actor can exploit the vulnerability by sending malicious links or targeted phishing emails to users of the Cisco ASA device, which lets the attacker execute JavaScript commands in the user’s web browser. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device.
“A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information,” says Cisco’s advisory.
Impact
- Credential Theft
- Code Execution
Affected Vendors
Cisco
Affected Products
Cisco Adaptive Security Appliance Software
Remediation
Update to the fixed versions of the Cisco ASA software from the vendor website at https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe