#CiscoASA

Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability

by

December 3, 2024 at 08:57AM Cisco has updated its advisory regarding a decade-old vulnerability (CVE-2014-2120) in its Adaptive Security Appliance, which is being actively exploited. The flaw allows cross-site scripting attacks via the WebVPN login page. Users are urged to update their systems as it was added to the CISA’s KEV catalog for urgent remediation. … Read more

Cisco Raises Alarm for ‘ArcaneDoor’ Zero-Days Hitting ASA Firewall Platforms

by

April 24, 2024 at 02:09PM Cisco issued a warning about professional, nation state-backed hackers exploiting two zero-day vulnerabilities in its ASA firewall platforms to plant malware on telecommunications and energy sector networks. The campaign, known as ArcaneDoor, aims to exploit software defects in Cisco products, potentially exfiltrate data, and execute commands. Cisco recommended ensuring proper … Read more