Tens of thousands of devices running Cisco’s Adaptive Security Appliance (ASA) software are still vulnerable to attacks leveraging an exploit leaked by a group calling itself Shadow Brokers.
Shadow Brokers has leaked hundreds of megabytes of firewall exploits and implants allegedly stolen from the NSA-linked threat actor known as the Equation Group. The leak included a zero-day vulnerability in Cisco’s ASA software, which had been used for an exploit dubbed Extrabacon.
Cisco started releasing patches for the affected ASA software roughly ten days after the leak came to light. At the time of writing, only a couple of ASA versions remain unpatched. However, researchers at security firm Rapid7 have determined that there are still numerous vulnerable installations.
Leave a reply