2 μΙηΌ³΅@]ΪΦ~ (ε) 2023/09/09 00:33:24
Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks
https://www.securityweek.com/cisco-asa-zero-day-exploited-in-akira-ransomware-attacks/
Tracked as CVE-2023-20269 (CVSS score of 5.0, medium severity), the issue exists in the remote access VPN feature of Cisco ASA and FTD and can be exploited remotely, without authentication, in brute force attacks.
gThis vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features,h Cisco explains in an advisory.