Cisco Alerts of Decade-Old ASA WebVPN Vulnerability Exploitation

Cisco revised its advisory on Monday to alert users to the active exploitation of a security issue that has affected its Adaptive Security Appliance (ASA) for ten years. The vulnerability, identified as CVE-2014-2120 (CVSS score: 4.3), relates to a situation where ASA's WebVPN login page lacks adequate input validation, which could enable an unauthenticated remote attacker to launch a cross-site scripting (XSS) attack against a specific appliance user.

Cisco Alerts of Decade-Old ASA WebVPN Vulnerability Exploitation

Cisco revised its advisory on Monday to alert users to the active exploitation of a security issue that has affected its Adaptive Security Appliance (ASA) for ten years. The vulnerability, identified as CVE-2014-2120 (CVSS score: 4.3), relates to a situation where ASA's WebVPN login page lacks adequate input validation, which could enable an unauthenticated remote attacker to launch a cross-site scripting (XSS) attack against a specific appliance user.

"An attacker could exploit this vulnerability by convincing a user to access a malicious link," Cisco stated in a March 2014 advisory. In its updated notice dated December 2, 2024, the networking equipment giant said that it has learned of "additional attempted exploitation" of the vulnerability in the wild.  The news follows the disclosure by cybersecurity firm CloudSEK that the threat actors behind AndroxGh0st are using a long list of security flaws in different internet-facing apps, such as CVE-2014-2120, to spread the malware.

The incorporation of the Mozi botnet, which enables AndroxGh0st to grow in size and reach, is another noteworthy aspect of the destructive activity. Consequently, the vulnerability was added to the U.S. Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEV) database last month, and agencies under the FCEB are required to fix it by December 3, 2024. It is strongly advised that Cisco ASA users maintain their installations up to date for the best security and to protect against any online threats.