H-ISAC TLP White Threat Bulletin: Threat Actors are Exploiting Cisco ASA Software Flaw CVE-2014-2120

CVE-2014-2120 affects the WebVPN feature of Cisco ASA software, which is used for secure remote access. The flaw allows threat actors to remotely conduct a cross-site scripting (XSS) attack against a WebVPN user on a vulnerable Cisco ASA device. The flaw was originally disclosed in March 2014, and Cisco deployed relevant patches.

The exploitation of this old vulnerability highlights the importance of maintaining up-to-date security measures to safeguard against potential threats. No workarounds are available for this flaw. Health-ISAC advises members who use Cisco ASA software to ensure their devices are patched, as this is the only way to mitigate the risk of exploitation. View the detailed report and recommendations below.

For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:

John Riggi

National Advisor for Cybersecurity and Risk, AHA

jriggi@aha.org

(O) +1 202 626 2272