Cisco Confirms Exploitation of WebVPN Vulnerability in ASA Software
Cisco warns of active exploitation of a decade-old WebVPN vulnerability. The company has updated its security advisory regarding CVE-2014-2120, a cross-site scripting (XSS) vulnerability in the WebVPN login page of Cisco Adaptive Security Appliance (ASA) Software, which allows unauthenticated remote attackers to execute malicious scripts on users’ browsers. Cisco confirmed that exploitation of this vulnerability is currently active and urged customers to upgrade to a fixed software release, noting that free updates will not be provided for vulnerabilities disclosed via Security Notices. The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2014-2120 to its Known Exploited Vulnerabilities Catalog, highlighting the urgency for organizations to address this issue promptly. Organizations using third-party support are advised to consult their service providers for appropriate fixes.