InfoSecBulletin Cybersecurity for mankind
Cisco has released an updated security advisory about CVE-2014-2120, a vulnerability in the WebVPN login page of Cisco Adaptive Security Appliance (ASA) Software.
This flaw, disclosed in 2014, allows unauthenticated remote attackers to perform cross-site scripting (XSS) attacks on WebVPN users. The advisory highlights that this vulnerability is currently being actively exploited, emphasizing the urgency for mitigation.
ISPAB president “whatsapp” got hacked via phishing link
Zyxel released patches 2 vulns in its USG FLEX H series firewalls
South Korea’s largest SK Telecom Hit by Malware: SIM-related info leaked
ChatGPT Develops Exploit for CVEs Before Public PoCs Share
TP-Link Router Vulns Allow to Execute Malicious SQL Commands
SSL.com’s domain validation system’s bug found: Hacker exploited
Amazon Follows Microsoft’s Lead, Halts Some Data Center Deals
Hackers Exploit Zoom’s Remote Control Feature for System Access
Registration open for ‘𝐔𝐀𝐏 𝐂𝐘𝐁𝐄𝐑 𝐒𝐈𝐄𝐆𝐄 𝟐𝟎𝟐𝟓’
Samsung phone is saving your passwords in plain text
CVE-2014-2120 is an XSS vulnerability in the WebVPN login page of Cisco Adaptive Security Appliance (ASA) Software. Cisco’s advisory states that this vulnerability is due to insufficient input validation, allowing attackers to create malicious links that run arbitrary scripts in a victim’s browser when clicked.
The advisory warns that an attacker could exploit vulnerabilities to target WebVPN users on certain Cisco ASA devices without needing authentication.
In November 2024, Cisco PSIRT reported renewed exploitation activity. The company advises customers to upgrade to a fixed software release to address the vulnerability but will not offer free software updates for issues highlighted in Security Notices. Customers should contact their usual support channels for the necessary upgrades.
CISA added CVE-2014-2120 to its Known Exploited Vulnerabilities Catalog on November 12, 2024, highlighting the need for organizations to address this issue urgently.
Cisco PSIRT would like to thank Piotr Karolak of Trustwave’s SpiderLabs for reporting this vulnerability.
Organizations using third-party support for Cisco products should check with their service providers to ensure that any fixes are appropriate for their network setups.
