Cisco issues emergency fix for VPN tool, users told to update now

Trending 1 month ago
  1. Home
  2. Technology
  3. Cisco issues emergency fix for VPN tool, users told to update now
An illustration of a manus holding a group of keys successful beforehand of a laptop, accompanied by a padlock symbol, fingerprint, and key.
(Image credit: Getty Images)

Cisco has issued an emergency hole for bugs successful immoderate of its package which are being actively exploited successful nan wild.

According to a information advisory from nan company, nan flaw that was patched was recovered successful Adaptive Security Appliance (ASA), and successful Firepower Threat Defense (FTD). It is described arsenic a assets exhaustion vulnerability, tracked arsenic CVE-2024-20481. It was fixed a mean severity standing of 5.8.

Describing nan mentation down nan attack, Cisco says an attacker could nonstop a ample number of VPN authentication requests to a susceptible device, exhausting its resources. That leads to a Denial-of-Service (DoS) authorities of nan Remote Access VPN (RAVPN) service. Furthermore, since nan attackers are sending authentication requests, 1 conscionable mightiness activity (depending connected nan spot of nan login credentials), giving nan miscreants unauthorized web access.

Abused successful nan wild

Depending connected nan effect of nan attack, nan victims whitethorn request to reconstruct nan RAVPN service, Cisco explained.

The bully news is that nan bug affects only those devices pinch distant entree VPN (RAVPN) work enabled. The bad news is nan bug is actively being exploited successful nan wild, and location is nary workaround. Cisco said it is "aware of malicious usage of nan vulnerability that is described successful this advisory," and nan US Cybersecurity and Infrastructure Security Agency (CISA) added nan bug to its Known Exploited Vulnerabilities (KEV) catalog.

Cisco’s VPN devices are hugely celebrated crossed nan world, and are being arsenic utilized by some SMBs and ample enterprises. Therefore, they are a awesome target for cybercriminals looking to weasel their measurement into firm IT infrastructure.

In fact, nan company’s cybersecurity department, Talos, precocious warned it’s search an summation successful brute-force attacks against VPNs, The Register reminds. "These attacks each look to beryllium originating from TOR exit nodes and a scope of different anonymizing tunnels and proxies," Talos said.

Sign up to nan TechRadar Pro newsletter to get each nan apical news, opinion, features and guidance your business needs to succeed!

More from TechRadar Pro

  • Cisco takes its developer hub offline pursuing information theft
  • Here's a database of nan best firewalls today
  • These are nan best endpoint protection tools correct now

Sead is simply a seasoned freelance journalist based successful Sarajevo, Bosnia and Herzegovina. He writes astir IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, information breaches, laws and regulations). In his career, spanning much than a decade, he’s written for galore media outlets, including Al Jazeera Balkans. He’s besides held respective modules connected contented penning for Represent Communications.

More
Source Technology
Technology

Related Article

Viltrox is changing the game for camera lenses, with its latest premium prime matching Sony’s best for half the price

Viltrox is changing the game for camera lenses, with its latest premium prime matching Sony’s best for half the price

2 weeks ago
Professionals are facing "tech overload" as they try to juggle multiple devices in the workplace

Professionals are facing "tech overload" as they try to juggle multiple devices in the workplace

2 weeks ago
The Galaxy S25 Ultra's rumored iPhone-beating power could tempt me back to Android

The Galaxy S25 Ultra's rumored iPhone-beating power could tempt me back to Android

2 weeks ago

Popular Article

Soundcore’s newest clip-style earbuds focus on comfort

Soundcore’s newest clip-style earbuds focus on comfort

1 month ago
Better than Black Friday: shop record-low prices on Samsung TVs at Best Buy

Better than Black Friday: shop record-low prices on Samsung TVs at Best Buy

1 month ago
The iPhone SE might serve an unexpected surprise next year

The iPhone SE might serve an unexpected surprise next year

1 month ago
AirPods Pro 2's hearing health features will arrive as a software update starting next week

AirPods Pro 2's hearing health features will arrive as a software update starting next week

1 month ago
The best budget laptops for 2024

The best budget laptops for 2024

1 month ago
English (US) English (US) · Indonesian (ID) Indonesian (ID) ·
About Us · Contact Us · Terms & Conditions ·

©2024 Latest Tech News.
All Rights Reserved.