Cisco on Monday up to date an advisory to warn prospects of lively exploitation of a decade-old safety flaw impacting its Adaptive Safety Equipment (ASA).
The vulnerability, tracked as CVE-2014-2120 (CVSS rating: 4.3), issues a case of inadequate enter validation in ASA’s WebVPN login web page that might enable an unauthenticated, distant attacker to conduct a cross-site scripting (XSS) assault in opposition to a focused consumer of the equipment.
“An attacker may exploit this vulnerability by convincing a consumer to entry a malicious hyperlink,” Cisco famous in an alert launched in March 2014.
As of December 2, 2024, the networking tools main has revised its bulletin to notice that it has turn out to be conscious of “further tried exploitation” of the vulnerability within the wild.
The event comes shortly after cybersecurity agency CloudSEK revealed that the menace actors behind AndroxGh0st are leveraging an intensive record of safety vulnerabilities in numerous internet-facing purposes, together with CVE-2014-2120, to propagate the malware.
The malicious exercise can be notable for the mixing of the Mozi botnet, which permits the botnet to additional develop in measurement and scope.
Because of this, the U.S. Cybersecurity and Infrastructure Safety Company (CISA) added the flaw to its Identified Exploited Vulnerabilities (KEV) catalog final month, requiring Federal Civilian Govt Department (FCEB) businesses to remediate it by December 3, 2024.
Customers of Cisco ASA are extremely really useful to maintain their installations up-to-date for optimum safety and to safeguard in opposition to potential cyber threats.