
Mitigation Instructions for Cisco ASA and FTD CVE-2020-3259

Written by CyRisk Vulnerability Management Team | Mar 8, 2024 7:50:45 PM

SUBJECT: Mitigate Cisco ASA and FTD Information Disclosure Vulnerability (CVE-2020-3259)

TECH STACK: Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software

DATE(S) ISSUED: 05/06/2020

NVD Last Modified: 02/15/2024

CRITICALITY: 7.5 HIGH

OVERVIEW:

This document outlines mitigation steps to address a vulnerability (CVE-2020-3259) in affected versions of Cisco ASA and FTD software. The vulnerability allows an unauthenticated attacker to retrieve sensitive information from an affected device. CISA lists this vulnerability as actively exploited (it appears in the Known Exploited Vulnerabilities Catalog), so prompt action is crucial.

MITIGATION INSTRUCTIONS:

  • Patch to a Non-Vulnerable Version:
  • Enable Multi-Factor Authentication (MFA) (Optional):
    • While not a complete fix, enabling MFA on all accounts and services, especially Client VPN connections, adds an extra layer of security.
  • Enforce Password Changes (Optional):
    • Enforce password changes for all accounts, especially if they haven't been changed since the last update.
  • Change Secrets and Pre-Shared Keys (Optional):
    • If these haven't been changed since the last update, consider changing them in your device configurations.
  • Enable Logging (Optional):
    • Ensure logging is enabled on your devices to aid in potential forensic analysis if a breach occurs.
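As an added example that is not part of this advisory, the following ASA configuration fragment shows one way to meet the logging item above: timestamped events kept in a local buffer and shipped to an off-box collector so that evidence survives a device compromise. The interface name, collector address and severity levels are assumed placeholders; FTD devices managed by FMC set the equivalent in Platform Settings rather than at the CLI.

```cisco
! Added example (not from the advisory): ASA syslog settings for forensic readiness.
! "inside" and 10.0.0.50 are placeholder values; substitute your own collector.
logging enable
logging timestamp
! Local buffer for quick triage; "informational" is severity level 6.
logging buffered informational
! Off-box copy over TCP so that delivery failures are visible instead of silent.
logging host inside 10.0.0.50 tcp/1470
logging trap informational
! Without this, the ASA blocks new through-traffic when a TCP syslog host is down.
logging permit-hostdown
```

Verify the result with `show logging` (buffer and host status) and `show running-config logging`, and confirm on the collector that events with the device's hostname are arriving before relying on it.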

Confirmation & Additional Information:

  1. It is critical to apply these mitigations as soon as possible.
  2. No workarounds are available for this vulnerability.
  3. Consider deploying additional security measures like network segmentation and intrusion detection/prevention systems.

Refer to the following resources for further information:

  1. Cisco Security Advisory
  2. CISA Known Exploited Vulnerabilities Catalog