From theregister.com
In Brief Cisco this week emitted fixes for potentially serious vulnerabilities, one of which is already being exploited in the wild.
The under-attack bug is CVE-2020-3452, a path-traversal flaw in Switchzilla’s Adaptive Security Appliance and Firepower Threat Defense software that can be used to “read sensitive files on a targeted system.” While there was no publicly available exploit code for the high-severity bug when first publicized, a day after issuing its advisory, Cisco said the flaw was being targeted in the wild.