This Cisco ASA vulnerability is cross-site scripting (XSS) vulnerability that is tracked as CVE-2020-3580.

Cisco first disclosed the vulnerability and issued a fix in October 2020. However, the initial patch for CVE-2020-3580 was incomplete, and a further fix was released in April 2021.

This vulnerability can allow an unauthenticated threat actor to send targeted phishing emails or malicious links to a user of a Cisco ASA device to execute JavaScript commands in the user's browser.

"A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive information," says Cisco's advisory.

Researchers from Positive Technologies Offensive Team published a PoC exploit for the Cisco ASA CVE-2020-3580 vulnerability. Soon after the PoC was released, Tenable reported that threat actors are actively exploiting the vulnerability. As threat actors are now actively exploiting the vulnerability, it is crucial for administrators to immediately patch vulnerable Cisco ASA devices.

Source: bleepingcomputer.com