#mfa

Analysis · May 20, 2026 · operations-desk

A 2020 bug leaked VPN passwords. The orgs that survived had MFA.

CVE-2020-3259 lets an unauthenticated attacker read Cisco ASA memory, sometimes including VPN credentials in cleartext. Akira ransomware used it for initial access years after the patch. The control that turned a leaked password into a non-event was multi-factor authentication.