SUBJECT: Mitigate Cisco ASA and FTD Information Disclosure Vulnerability (CVE-2020-3259)
TECH STACK: Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software
DATE(S) ISSUED: 05/06/2020
NVD Last Modified: 02/15/2024
CRITICALITY: 7.5 HIGH
OVERVIEW:
This document outlines mitigation steps to address a vulnerability (CVE-2020-3259) in Cisco ASA and FTD software versions mentioned above. This vulnerability allows an unauthenticated attacker to potentially retrieve sensitive information from your device. CISA considers this vulnerability actively exploited, so prompt action is crucial.
MITIGATION INSTRUCTIONS:
- Patch to a Non-Vulnerable Version:
- Enable Multi-Factor Authentication (MFA) (Optional):
-
- While not a complete fix, enabling MFA on all accounts and services, especially Client VPN connections, adds an extra layer of security.
- Enforce Password Changes (Optional):
-
- Enforce password changes for all accounts, especially if they haven't been changed since the last update.
- Change Secrets and Pre-Shared Keys (Optional):
-
- If these haven't been changed since the last update, consider changing them in your device configurations.
- Enable Logging (Optional):
-
- Ensure logging is enabled on your devices to aid in potential forensic analysis if a breach occurs.
Confirmation & Additional Information:
- It is critical to apply these mitigations as soon as possible.
- No workarounds are available for this vulnerability.
- Consider deploying additional security measures like network segmentation and intrusion detection/prevention systems.
Refer to the following resources for further information:
- Cisco Security Advisory
- CISA Known Exploited Vulnerabilities Catalog
