Zero-Day Vulnerability in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Enables Akira Ransomware Attacks

    Cisco has issued a warning about a Zero-Day vulnerability in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software, which has been exploited in Akira Ransomware attacks since August. The vulnerability (CVE-2023-20269) affects the remote access via VPN functionality in these Cisco products and can be exploited remotely without authentication through brute-force attacks. Attackers can establish a clientless SSL VPN session if they have valid user credentials. Cisco is actively working on security updates to address this vulnerability and advises customers to install the upgrade as soon as it becomes available.

    https://www.securityweek.com/cisco-asa-zero-day-exploited-in-akira-ransomware-attacks/

    Leave a Reply

    Your email address will not be published. Required fields are marked *