UPDATED 22:36 EDT / MAY 07 2020

SECURITY

Cisco releases patches for high-severity vulnerabilities in ASA and Firepower software

Cisco Systems Inc. has released more than 30 security patches, including 12 that address previously undisclosed high-severity vulnerabilities.

The serious vulnerabilities were found in Cisco’s Adaptive Security Appliance software, its Firepower 1000 Series firewall appliances and its Firepower Threat Defense software, all of which are used to protect corporate networks and data centers.

Cisco said that it wasn’t aware of any of the vulnerabilities being exploited in the wild, but it is actively encouraging customers to apply the patches as soon as possible.

Among the vulnerabilities were two discovered by Positive Technologies security researchers Mikhail Klyuchnikov and Nikita Abramov. The first, CVE-2020-3187, was given a CVSS score of 9.1 and rated critical. It affects WebVPN, the clientless SSL VPN interface of Cisco ASA: if exploited, it could allow an unauthenticated attacker, even a low-skilled one, to cause a denial of service on Cisco ASA devices simply by deleting files from the system.

The second vulnerability, CVE-2020-3259, was given a CVSS score of 7.5. It allows an attacker to read portions of a Cisco ASA device’s dynamic memory and recover the session identifiers of users connected to the Cisco VPN. With a valid session identifier, an attacker could hijack that user’s VPN session and from there reach the company’s internal network.

“Positive Technologies experts note that to eliminate the vulnerability, users must update Cisco ASA to the latest version,” the security company said in a statement. “To fend off potential attacks, companies should also use web application firewalls.”

In related Cisco news, researchers at Abnormal Security Corp. have identified a new phishing attack that impersonates a notification from Cisco Webex in order to steal credentials of employees.

Those behind the phishing campaign send targets emails that impersonate an automated notification from Cisco Webex, copying the formatting and graphics of genuine emails from the company. The emails claim that the user can’t use the service because the account is currently locked, and that the user must sign in via the provided link to unlock it. The link leads to a fake Webex sign-in page where the attackers harvest the victim’s login credentials.

“Criminal groups prey on their victims using urgent requests and fear to get their users to click on a link and entice them to log in on a fake website, all the while, stealing their credentials,” James McQuiggan, security awareness advocate at security awareness training company KnowBe4 Inc., told SiliconANGLE. “This tactic is successful due to the reason that the target may not be aware of the nature of phishing links and to check the email address of the sender.”

A common rule of thumb, he added, is that if an email asks the user to log in and correct an issue, the user should open the website directly, from a saved bookmark or a quick Google search for the product, rather than from the link in the email. “Log in and verify if the information is accurate,” he advised. “Most of the time, it’s not and just a way for the attacker to gain access to the victim’s credentials.”
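The sender-address and link checks McQuiggan describes can be automated in a mail-triage pipeline. The following is an added example written for this page; it is not code from the article, Abnormal Security or KnowBe4. It parses a constructed email modelled on the Webex lure described above, compares the brand named in the display name against the sender’s domain, and checks whether every link points at a domain the brand actually owns. The list of domains treated as legitimate for Webex is an assumption made for illustration, not an authoritative allow-list.

```python
"""Brand-impersonation triage for a single raw email (added example, not the article's code).

Flags a message as likely phishing when the From display name claims a brand
but the sender domain or any link in the body does not belong to that brand.
"""
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# ASSUMPTION for this example: domains a genuine Cisco Webex notification would use.
BRAND_DOMAINS = {"webex": ("webex.com", "cisco.com")}

# Constructed sample modelled on the lure described in the article; not a real message.
SAMPLE_PHISH = """\
From: Cisco Webex <noreply@webex-account-services.example>
To: employee@corp.example
Subject: Your Webex account has been locked
Content-Type: text/html; charset="utf-8"

<html><body>
<p>You can't use this service because your account is currently locked.</p>
<p><a href="https://webex-signin.example/unlock?u=employee">Sign in to unlock your account</a></p>
</body></html>
"""

# Constructed benign counterpart: same brand, but sender and link domains are owned by it.
SAMPLE_LEGIT = """\
From: Cisco Webex <no-reply@webex.com>
To: employee@corp.example
Subject: Your Webex meeting recording is ready
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Your recording is available.</p>
<p><a href="https://signin.webex.com/recording/123">View recording</a></p>
</body></html>
"""

URGENCY = re.compile(r"\b(locked|suspended|urgent|immediately|verify)\b", re.I)


def owned_by(host: str, legit_domains) -> bool:
    """True if host is one of the legitimate domains or a subdomain of one.
    Using a suffix match on '.' + domain stops look-alikes such as webex.com.evil.example."""
    h = host.lower().rstrip(".")
    return any(h == d or h.endswith("." + d) for d in legit_domains)


def extract_links(html: str):
    """Pull href targets out of an HTML body (simple regex; enough for triage)."""
    return re.findall(r'href=["\']([^"\']+)["\']', html, flags=re.I)


def triage(raw: str) -> dict:
    """Return the brand claimed, the sender domain, a list of findings and a verdict."""
    msg = message_from_string(raw, policy=policy.default)
    display, addr = parseaddr(str(msg.get("From", "")))
    subject = str(msg.get("Subject", ""))
    sender_domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

    # Which brand does the message claim to be from (display name or subject)?
    claimed = (display + " " + subject).lower()
    brand = next((b for b in BRAND_DOMAINS if b in claimed), None)
    if brand is None:
        return {"brand": None, "sender_domain": sender_domain,
                "findings": [], "verdict": "no brand claim"}

    legit = BRAND_DOMAINS[brand]
    findings = []
    if not owned_by(sender_domain, legit):
        findings.append(f"display name claims {brand!r} but sender domain is {sender_domain}")

    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body is not None else ""
    for url in extract_links(text):
        host = urlparse(url).hostname or ""
        if not owned_by(host, legit):
            findings.append(f"link to {host} is not a {brand} domain")

    m = URGENCY.search(subject + " " + text)
    if m:
        findings.append(f"urgency lure: {m.group(0)!r}")

    # Urgency alone is not proof; a domain mismatch for the claimed brand is the decisive signal.
    mismatch = any(f.startswith(("display name", "link to")) for f in findings)
    return {"brand": brand, "sender_domain": sender_domain, "findings": findings,
            "verdict": "likely phishing" if mismatch else "no domain mismatch"}


if __name__ == "__main__":
    for label, sample in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        result = triage(sample)
        print(label, result["verdict"])
        for f in result["findings"]:
            print("  -", f)
```

The decisive signal is the domain mismatch, not the urgent wording: a genuine account-lockout notice also uses words like “locked”, so urgency is reported as supporting context only. In production the allow-list would come from the organisation’s own brand inventory and the link check would also resolve redirectors before comparing hosts.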

Photo: Cisco
