BitsnBytes Fall2023

Bits & bytes Fall 2023 10 T he Multi-State Information Sharing and Analysis Center (MS-ISAC) has issued an advisory regarding vulnerability found in Cisco Adaptive Security Appliance (ASA) software and Cisco Firepower Threat Defense (FTD) software. Cisco ASA software offers enterprise-class firewall capabilities to ASA devices, while Cisco FTD is a security solution that combines a firewall, Intrusion Prevention System (IPS), and advanced malware protection in one platform. The vulnerability in Cisco ASA and FTD software’s virtual private network (VPN) could let attackers remotely access individuals’ computers despite not having the proper credentials. The attackers’ methods may include brute force — attempting to guess usernames and passwords — or using individuals who have authentication to sneak into secure VPN sessions. This vulnerability arises because the system does not correctly separate different types of access, thereby posing a risk of unauthorized access. Successful exploitation could result in the installation of ransomware. CISCO observed attempted exploitation of this vulnerability in August, as reported by the New Jersey Cybersecurity & Communications Integration Cell (NJCCIC) (September 11, 2023). Cisco ASA and FTD Software Vulnerability: Unauthorized Access Risk Uncovered Systems Affected CISCO has yet to release software updates addressing the vulnerability, but they have provided workarounds to mitigate the risk. To see which products are affected, refer to the Cisco security advisory . Risk Assessment Government: •Large and medium government entities: HIGH •Small government entities: MEDIUM Businesses: •Large and medium business entities: HIGH •Small business entities: MEDIUM Home Users: LOW Cisco security advisory