Cisco released several patches for high and critical vulnerabilities affecting several products like its Firepower network security devices, Identity Services Engine (ISE)) network access control platform, and Adaptive Security Appliance (ASA). The US Cybersecurity and Infrastructure Security Agency (CISA) issued an alert urging administrators to deploy the available patches because “a cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.”
The exploitation of vulnerabilities in network security appliances has become a common occurrence in recent years because these devices are sometimes by nature connected to the internet because they are perimeter devices and provide attackers with a privileged position on the network from where they can move laterally.
