Researcher finds 10 vulnerabilities in Cisco firewalls

August 11, 2022
Threat researchers at Rapid7 have disclosed 10 separate security issues in Cisco firewall products that could leave hundreds of thousands of organisations all over the world exposed to potentially serious supply chain cyber attacks and warned that not all of them have been properly patched.

The vulnerabilities impact Cisco Adaptive Security Software (ASA) and ASA-X enterprise-grade firewalls, as well as the Adaptive Security Device Manager (ASDM) graphical user interface for remote administration of ASA-based appliances, and its FirePower Services Software, which specifically supports the installation of the FirePower module on Cisco ASA 5500-X with FirePower Services.

They were discovered by Rapid7 lead security researcher Jake Baines, who disclosed them to Cisco in February and March of 2022 and has been working extensively with the networking kit supplier since then. They were formally demonstrated today (11 August) at Black Hat USA, and will be shown again at the following DEF CON conference on 13 August. At the time of writing, only four of the issues have been patched, and only four have been assigned Common Vulnerabilities and Exposures (CVE) designations.

“Cisco does not consider the complete list of exploitable features to be vulnerabilities,” said Baines in a summary statement accompanying his disclosure, “as much of the exploitation happens on the virtual machine in the ASA.

“Despite this, attackers can still gain access to corporate networks, should they remain unpatched. Rapid7 urges organisations that use Cisco ASA to isolate administrative access as much as possible,” he said.

The three arguably most critical vulnerabilities are as follows:

  1. CVE-2022-20829 in Cisco ASDM. This vulnerability exists because the ASDM binary package lacks a cryptographic signature to prove it is authentic, so a malicious ASDM package installed on a Cisco ASA could lead to arbitrary code execution on any client connected to it. This is particularly impactful because the ASDM package is distributable. This means it could be installed via a supply chain attack, a malicious insider, or simply left available for free on the public internet for admins to find themselves. It has not been patched.
  2. CVE-2021-1585. This vulnerability lets a man-in-the-middle or malicious endpoint execute arbitrary Java code on an ASDM admin’s system using the launcher. Cisco disclosed it in July 2021, but did not patch it until the June 2022 release of ASDM 7.18.1.150. However, Baines has shown the exploit still works against this version.
  3. CVE-2022-20828. This is a remote, authenticated vulnerability that lets a threat actor achieve root access on ASA-X with FirePower Services when the FirePower module is installed. Because the FirePower module is fully networked and is capable of accessing both outside and inside the ASA, it is very useful to an attacker for hiding or staging their attacks. As a result, exposing ASDM to the public internet could be very dangerous for ASAs using this module. Furthermore, while it requires credentials to successfully execute, ASDM’s default authentication scheme discloses credentials to active man-in-the-middle attackers. Fortunately, it has been fixed in most maintained versions.

One of the other less impactful issues, a credential logging flaw in the ASDM client, has been assigned CVE-2022-20651. For the reasons outlined by Baines, the others have not. Full details of these are available from Rapid7.

Baines said users of the affected products needed to understand that firewalls, which are supposed to be a vital element of keeping threat actors off networks, can be easily bypassed.

He added that many users were clearly not updating their Cisco firewalls appropriately, claiming that a 15 June scan for ASDM web portals found that less than 0.5% of internet-facing appliances had upgraded to the most recent ASDM 7.18.1 release, with the most popular version in the wild found to be 7.8.2, which has been around for five years now.
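A defender reading the figures above will want to check their own ASDM estate. The following is an added example, not code from the article or from Rapid7: it triages a constructed inventory against the 7.18.1.150 release the article names, comparing versions numerically (a plain string comparison would wrongly rank 7.8.2 above 7.18.1) and, because the article notes even 7.18.1.150 remained exploitable for CVE-2021-1585, it flags internet-facing ASDM portals regardless of version. Hostnames, versions and the `Appliance` record are assumptions for illustration.

```python
"""Added example (not from the article or Rapid7): triage a constructed
ASDM inventory against the fixed release the article cites."""
import re
from typing import NamedTuple

# Fixed ASDM release named in the article for CVE-2021-1585.
FIXED_ASDM = "7.18.1.150"


class Appliance(NamedTuple):          # hypothetical inventory record
    host: str
    asdm_version: str
    internet_facing: bool             # admin portal reachable from the internet


def parse_version(ver: str) -> tuple:
    """'7.18.1.150' -> (7, 18, 1, 150); the '7.18(1)150' notation also parses.
    Numeric tuples avoid the trap where '7.8.2' > '7.18.1' as strings."""
    parts = tuple(int(p) for p in re.findall(r"\d+", ver))
    if not parts:
        raise ValueError(f"unparseable version: {ver!r}")
    return parts


def is_outdated(ver: str, fixed: str = FIXED_ASDM) -> bool:
    """True when ver sorts before the fixed release (shorter tuples zero-padded)."""
    a, b = parse_version(ver), parse_version(fixed)
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)) < b + (0,) * (width - len(b))


def triage(inventory):
    """Return {host: [findings]} for appliances that need attention."""
    findings = {}
    for app in inventory:
        notes = []
        if is_outdated(app.asdm_version):
            notes.append(f"ASDM {app.asdm_version} predates {FIXED_ASDM}")
        if app.internet_facing:
            # Exposure is flagged even on the latest version: the article says
            # the CVE-2021-1585 exploit still works against 7.18.1.150.
            notes.append("ASDM reachable from the internet; isolate admin access")
        if notes:
            findings[app.host] = notes
    return findings


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = [
    Appliance("fw-edge-01", "7.8.2", True),
    Appliance("fw-dc-02", "7.18.1.150", False),
    Appliance("fw-branch-03", "7.18(1)150", True),
]
```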
