The 2020 Pwnie Nominee For Most Under-Hyped Research

Cisco Adaptive Security Appliance Vulnerabilities

Mikhail Klyuchnikov, Nikita Abramov

Two vulnerabilities (CVE-2020-3187 and CVE-2020-3259) were discovered which affect more than 220,000 Cisco Adapative Security Applicance (ASA) firewalls. These vulnerabilities allow an unauthorized user to disable the VPN, gain access to the internal network, and get passwords in plain text, among other things. A lot of devices remain without fix, because these vulnerabilities were not widely reported in the press.

Cisco Adaptive Security Appliance Vulnerabilities