Attackers Exploiting High-Severity Network Security Flaw, Cisco Warns
According to Cisco, a high severity flaw in its network security software is being actively exploited by cybercriminals. Cisco’s software is used by many Fortune 500 companies who are now at risk due to the vulnerability, which can lead to remote unauthenticated access to sensitive data. Patches for the flaw were released last Wednesday, however, attackers continue to target vulnerable versions of the software in which the patches have not been implemented.
Cisco addressed the active exploits, stating that their incident response team is working to investigate and mitigate the threat the vulnerabilities pose to consumers. The bug lies in the web services interface of Firepower Threat Defense (FTD) software. This is part of Cisco’s traffic management products and its Adaptive Security Appliance (ASA) software. Researchers with Rapid7 recently claimed that the potential risk is huge, stating that they were able to locate 85,000 internet-accessible ASA devices.