An unauthenticated file read vulnerability (CVE-2020-3452) affecting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software is being exploited by attackers in the wild.
For the moment, it seems that it is being used just to read LUA source files, but it can be used to view files that may contain information such as WebVPN configuration, bookmarks, web cookies, partial web content, and HTTP URLs.
There’s a proof of concept doing the rounds for directory path traversal (yes, it’s 1998 again) in Cisco AnyConnect SSL VPN.
It’s already being mass spammed across internet.
As far as I can see people can only read LUA source files so far, so not terribly problematic as is. https://t.co/kSIFQdz1go
..
Support the originator by clicking the read the rest link below.
