Cisco's firewall software remains susceptible to cyber assaults, according to recent findings by researchers, despite the application of patches.

Warnings issued by Rapid7 researchers: A minority of users have applied updates, leaving significant vulnerabilities unaddressed.

Flaws in Cisco firewall software's security persist, despite published fixes, according to researchers' claims.

In a recent disclosure, Rapid7 researchers highlighted multiple vulnerabilities in Cisco's Adaptive Security Device Manager (ASDM), Firepower Services Software for ASA, and the Cisco ASA software itself. These vulnerabilities, including CVE-2021-1585 and CVE-2022-20829, have allegedly been left unpatched for months, posing potential risks for Cisco's vast customer base.

One of the most concerning vulnerabilities is CVE-2021-1585, which, according to Rapid7, can still be exploited by attackers using man-in-the-middle attacks. This vulnerability could potentially allow a malicious actor to treat ASA as a 'social security' office, launching attacks and embedding malicious code to gain further access into a targeted network.

Cisco has released fixed software for all the vulnerabilities disclosed by Rapid7, including CVE-2021-1985. However, some customers may not have upgraded to a version of ASDM that fixes this particular vulnerability. A click-through bypass window only presents itself if a user connects to a device running an out-of-date version of Cisco ASDM using a local machine that runs the latest Cisco ASDM-IDM Launcher update.

The Cisco Adaptive Security Device Manager (ASDM) on devices running Cisco Adaptive Security Appliance (ASA) software and the Cisco ASDM-IDM Launcher on users' local machines have both been updated to fix CVE-2021-1985. Despite this, it appears that Cisco intends to leave CVE-2021-1585 unaddressed to support backwards compatibility with old versions of ASDM.

Rapid7's research suggests that a large percentage of Cisco customers have failed to implement recent security updates. To help users determine if they've installed malicious software, Rapid7 has released YARA rules. Users are advised to refer to specific security advisories for the latest information about Cisco's security updates.

It's important to note that Cisco has a process in place to inform its customers about security vulnerabilities in its products and how to mitigate them. Cisco has more than 300,000 customers using its security products and more than 1 million ASA devices are deployed around the world.

In response to Rapid7's findings, Cisco told the researchers that it had resolved outstanding issues with CVE-2021-1585 and CVE-2022-20829. However, the Cisco Adaptive Security Device Manager (ASDM) and Cisco ASDM-IDM Launcher versions that Cisco recommends to fix CVE-2021-1985 are not given here.

In conclusion, while Cisco has released fixes for the vulnerabilities disclosed by Rapid7, it's crucial for users to ensure they are running the latest versions of ASDM and the ASDM-IDM Launcher to protect their networks from potential attacks. Users are encouraged to stay vigilant and keep up to date with the latest security advisories from Cisco.
