CISCO ASA

Pierluigi Paganini July 24, 2020
CVE-2020-3452 flaw in Cisco ASA/FTD exploited within hours after the disclosure

Cisco fixed CVE-2020-3452 high-severity path traversal flaw in its firewalls that can be exploited by remote attackers to obtain sensitive files from the targeted system. Cisco addressed a high-severity path traversal vulnerability in its firewalls, tracked as CVE-2020-3452, that can be exploited by remote attackers to obtain potentially sensitive files from the targeted system. Cisco […]

Pierluigi Paganini December 21, 2019
Watch out, hackers are targeting CVE-2018-0296 Cisco fixed in 2018

Cisco has warned customers that hackers continue to target Cisco ASA and Firepower Appliance products by exploiting the CVE-2018-0296 flaw. Experts warn that threat actors continue to exploit the CVE-2018-0296 flaw to target Cisco ASA and Firepower Appliance. The vulnerability could be exploited by a remote, unauthenticated attacker to gain access to sensitive information through […]

Pierluigi Paganini December 23, 2018
Cisco ASA is affacted by a privilege escalation flaw. Patch it now!

Cisco Adaptive Security Appliance (ASA) Software is affected by a vulnerability that could be exploited by an attacker to retrieve files or replace software images on a device.  A privilege escalation vulnerability tracked as CVE-2018-15465 affects the Cisco Adaptive Security Appliance (ASA) software. The flaw could be exploited by an unauthenticated, remote attacker to perform […]

Pierluigi Paganini February 11, 2018
Hackers are exploiting the CVE-2018-0101 CISCO ASA flaw in attacks in the wild

Hackers are exploiting the CVE-2018-0101 CISCO ASA flaw in attacks in the wild and a Proof-of-concept exploit code is available online. This week, Cisco has rolled out new security patches for a critical vulnerability, tracked as CVE-2018-0101, in its CISCO ASA (Adaptive Security Appliance) software. This is the second the tech giant issued a security patch to fix the […]

Pierluigi Paganini February 08, 2018
For the second time CISCO issues security patch to fix a critical vulnerability in CISCO ASA

Cisco has rolled out new security patches for a critical vulnerability, tracked as CVE-2018-0101, in its CISCO ASA (Adaptive Security Appliance) software. At the end of January, the company released security updates the same flaw in Cisco ASA software. The vulnerability could be exploited by a remote and unauthenticated attacker to execute arbitrary code or trigger […]

Pierluigi Paganini January 30, 2018
Cisco ASA software is affected by a flaw with 10 out of 10 severity rating. Patch it asap

Cisco released security updates to address a critical security vulnerability, tracked as CVE-2018-0101, in Cisco ASA software Cisco addressed a critical security flaw, tracked as CVE-2018-0101, in Adaptive Security Appliance (ASA) software. The vulnerability could be exploited by a remote and unauthenticated attacker to execute arbitrary code or trigger a denial-of-service (DoS) condition causing the reload of the […]

Pierluigi Paganini September 23, 2016
The leak of NSA hacking tools was caused by a staffer mistake

A US investigation into the leak of the NSA hacking tools used by the Agency is focusing on a theory that it was caused by a staffer mistake. The hack of the NSA-linked group Equation Group and the leakage of the NSA hacking tools in its arsenal it probably one the most disconcerting events of the […]

Pierluigi Paganini September 05, 2016
NSA EXTRABACON exploit still threatens tens of thousands of CISCO ASA boxes

Two security experts from the Rapid 7 firm revealed that tens of thousands of CISCO ASA boxes are still vulnerable to the NSA EXTRABACON exploit. A few weeks ago the Shadow Brokers hacker group hacked into the arsenal of the NSA-Linked Equation Group leaked online data dumps containing its exploits. ExtraBacon is one of the exploits […]

Pierluigi Paganini August 24, 2016
The Equation Group’s exploit ExtraBacon works on newer Cisco ASA

Security experts have improved the ExtraBacon exploit included in the NSA Equation Group arsenal to hack newer version of CISCO ASA appliance. The data dump leaked online by ShadowBrokers is a treasure for security experts and hackers that are analyzing every tool it contains. Cisco and Fortinet have confirmed their network appliance are vulnerable to the exploits […]