Zero-day vulnerability in Cisco Adaptive Security Appliance (ASA)

Authentication bypass using an alternate path or channel
CVE-2023-20269

Vulnerability details

Advisory: SB2023090728 - Authentication bypass using an alternate path or channel in Cisco Adaptive Security Appliance and Firepower Threat Defense

Vulnerable component: Cisco Adaptive Security Appliance (ASA)

CVE-ID: CVE-2023-20269

CVSSv3 score: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N/E:H/RL:O/RC:C

CWE-ID: CWE-288 - Authentication Bypass Using an Alternate Path or Channel

Description:

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features. A remote user can perform a brute-force attack and establish a clientless SSL VPN session with an unauthorized user.

Note, the vulnerability is being actively exploited in the wild.

External links:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-...

About zero-day vulnerabilities

Zero-day vulnerability is an undisclosed vulnerability in software that hackers can exploit to compromise computer programs, gain unauthorized access to sensitive data, penetrate networks, etc. We consider vulnerability a zero-day when there is no solution provided from software vendor and the vulnerability is being actively exploited by malicious actors.

Zero-day candidate is a potential zero-day vulnerability in software which might have been used in targeted attacks, however there is no evidence to support this suggestion.