Attackers Exploiting High-Severity Network Security Flaw, Cisco Warns

Cisco is warning that a high-severity flaw in its network security software is being actively exploited – allowing remote, unauthenticated attackers to access sensitive data.

Patches for the vulnerability (CVE-2020-3452) in question, which ranks 7.5 out of 10 on the CVSS scale, were released last Wednesday. However, attackers have since been targeting vulnerable versions of the software, where the patches have not yet been applied.

“The Cisco Product Security Incident Response Team (PSIRT) is aware of the existence of public exploit code and active exploitation of the vulnerability that is described in this advisory,” according to Cisco.

Read more…
Source: ThreatPost