Cisco ASA network security appliances remain vulnerable to a powerful exploit that many security experts believe was created by the U.S. National Security Agency. The zero-day exploit, called EXTRABACON, dates from 2013 and appears to have been developed by an organization called the Equation Group, which is widely believed to be associated with the NSA’s Tailored Access Operations team. The exploit was released as part of an attack-tool dump from a group calling itself the Shadow Brokers. The vulnerability isn’t easy to exploit, but does enable an attacker to bypass Cisco ASA device authentication.”]
Source: https://www.cuinfosecurity.com/blogs/numerous-cisco-devices-still-vulnerable-to-extrabacon-p-2238