Rewterz

Rewterz Threat Alert – Patchwork APT activity around South Asia

July 16, 2020
Rewterz

Rewterz Threat Alert – Agent Tesla Malware – IOCs

July 17, 2020

Rewterz Threat Alert – CVE-2020-3370 – Cisco Content Security Management Appliance Filter Bypass Vulnerability

Severity

Medium

Analysis Summary

A vulnerability in URL filtering of Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to bypass URL filtering on an affected device.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted, malicious HTTP request to an affected device. A successful exploit could allow the attacker to redirect users to malicious sites.

Impact

Bypass URL filtering

Affected Vendors

Cisco

Affected Products

Cisco SMA software

Remediation

Refer to Cisco advisory for the complete list of affected products and it’s respective patches.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ESA-filt-39jXvMfM

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.