Attackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software. Active attacks apparently started after Positive Technologies researchers shared proof-of-concept (PoC) exploit code last Thursday via Twitter. The source of all four vulnerabilities was insufficient validation of user-supplied input by the web services interface of an affected device, and could be exploited by attackers who manage to trick or persuade a user of the interface to click a crafted link.
Source: https://www.helpnetsecurity.com/2021/06/29/cve-2020-3580-exploit/