all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-20269: Zero-Day Vulnerability in Cisco Adaptive Security Appliance and Firepower Threat Defense Reportedly Exploited by Ransomware Groups

Add to bookmarks
Sept. 12, 2023, 12:17 a.m. | Satnam Narang

Cyber Exposure Alerts www.tenable.com

Ransomware groups including LockBit and Akira are reportedly exploiting a zero-day vulnerability in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) appliances with VPN functionality enabled.


Background


On September 6, Cisco published an advisory for a zero-day vulnerability in the software for its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) appliances that has been reportedly exploited in the wild:










CVEDescriptionCVSSv3VPR*
CVE-2023-20269Cisco ASA and FTD Software Remote Access VPN Unauthorized Access Vulnerability5.03.2 …

advisory akira asa cisco cve defense exploited exploiting firepower lockbit ransomware ransomware groups security september software threat threat defense vpn vulnerability zero-day zero-day vulnerability

Visit resource

More from www.tenable.com / Cyber Exposure Alerts

CVE-2023-40044, CVE-2023-42657: Progress Software Patches Multiple Vulnerabilities in WS_FTP Server 1 day, 5 hours ago | www.tenable.com
advisory critical cve cvss +16
CVE-2023-41064, CVE-2023-4863, CVE-2023-5129: Frequently Asked Questions for ImageIO and WebP/libwebp Zero-Day Vulnerabilities 5 days, 19 hours ago | www.tenable.com
apple blog cve cve-2023-41064 +16
CVE-2023–29357, CVE-2023–24955: Exploit Chain Released for Microsoft SharePoint Server Vulnerabilities 6 days, 6 hours ago | www.tenable.com
blog blog post code code execution +18
Microsoft’s September 2023 Patch Tuesday Addresses 61 CVEs (CVE-2023-36761) 3 weeks ago | www.tenable.com
addresses critical cve cves +11
CVE-2023-20269: Zero-Day Vulnerability in Cisco Adaptive Security Appliance and Firepower Threat Defense Reportedly Exploited by … 3 weeks ago | www.tenable.com
advisory akira asa cisco +17
AA23-250A: Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475 3 weeks, 5 days ago | www.tenable.com
advisory agency cisa critical +20
CVE-2023-2868: Barracuda and FBI Recommend Replacing Email Security Gateway (ESG) Devices Immediately 1 month ago | www.tenable.com
attackers barracuda customers cve +17
CVE-2023-38035: Ivanti Sentry API Authentication Bypass Zero-Day Exploited in the Wild 1 month, 1 week ago | www.tenable.com
advisory api api authentication august +14
Microsoft’s August 2023 Patch Tuesday Addresses 73 CVEs (CVE-2023-38180) 1 month, 3 weeks ago | www.tenable.com
addresses august critical cve +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Supervisor, Risk Monitoring

@ Bank of canada | Ottawa, ON
View on infosec-jobs.com

Principal Supervisor, Risk Monitoring

@ Bank of canada | Ottawa, ON
View on infosec-jobs.com

Principal Supervisor, Cyber Risk Monitoring

@ Bank of canada | Ottawa, ON
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Nine | North Sydney, Australia
View on infosec-jobs.com

IT Security Spezialist (m/w/d)

@ BayWa AG | München, Germany
View on infosec-jobs.com

SC2023-003099 Security Risk Consultant 2 (NS) - WED 11 Oct

@ EMW, Inc. | The Hague, South Holland, Netherlands
View on infosec-jobs.com
View more jobs