all InfoSec news
2x Actively Exploited Cisco CVEs in Adaptive Security Compliance (ASA) & Firepower Threat Defense (FTD)
April 24, 2024, 6:56 p.m. | /u/blackpoint_APG
cybersecurity www.reddit.com
# What's Going On?
* **This afternoon, Cisco released 2 new CVEs** impacting their Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD), both of which are **actively exploited by UAT4356.**
# More on [CVE-2024-20353](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2)
* Vendor CVSS Score 8.6
* Allows an unauthenticated, remote attacker to force a compromised device to reload unexpectedly, resulting in a denial of service (DoS) condition.
# More on [CVE-2024-20359](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h)
* Vendor CVSS Score 6.0
* …
actively exploited adaptive security asa cisco compliance course cves cvss cvss score cybersecurity defense exploited firepower score security security compliance threat threat defense vendor
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
Principal Security Engineer
@ Elsevier | Home based-Georgia
Infrastructure Compliance Engineer
@ NVIDIA | US, CA, Santa Clara
Information Systems Security Engineer (ISSE) / Cybersecurity SME
@ Green Cell Consulting | Twentynine Palms, CA, United States
Sales Security Analyst
@ Everbridge | Bengaluru
Alternance – Analyste Threat Intelligence – Cybersécurité - Île-de-France
@ Sopra Steria | Courbevoie, France
Third Party Cyber Risk Analyst
@ Chubb | Philippines