Headline
Decade-Old Cisco Vulnerability Under Active Exploit
Cisco encourages users to update to an unaffected version of its Adaptive Security Appliance (ASA) software since there are no workarounds for the 2014 vulnerability.
Source: Kristoffer Tripplaar via Alamy Stock Photo
NEWS BRIEF
Cisco is warning customers of a security vulnerability impacting its Adaptive Security Appliance (ASA) that is actively being exploited by threat actors.
The bug, tracked as CVE-2014-2120 and a decade old, involves insufficient input validation in ASA’s WebVPN login page, through which an unauthenticated remote attacker could enact a cross-site scripting (XSS) attack.
In 2014, Cisco noted that “the vulnerability is due to insufficient input validation of a parameter,” adding that an attacker could exploit the vulnerability by convincing the user to click on a malicious link.
Cisco now reports it became aware of in-the-wild exploitation attempts in November 2024 and recommends that customers upgrade to a fixed software release to mitigate the vulnerability. There are no workarounds for this flaw.
“Exploiting decade-old vulnerabilities like the ASA WebVPN bug underscores a persistent challenge in cybersecurity, that legacy vulnerabilities often remain unaddressed due to the sheer volume of security issues organizations face today,” Meny Har, CEO and co-founder of Opus Security, said in an emailed statement to Dark Reading. “Without effective prioritization frameworks, critical vulnerabilities can slip through the cracks.”
Related news
The vulnerability was first identified in 2014.
The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications, while also deploying the Mozi botnet malware. "This botnet utilizes remote code execution and credential-stealing methods to maintain persistent access, leveraging unpatched vulnerabilities to infiltrate critical infrastructures," CloudSEK said in a