CVE-2024-20353 - Cisco ASA and FTD Denial of Service Vulnerability

CVE-2024-20353: Cisco | Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)

Date Added:
2024-04-24

Due Date:
2024-05-01

Vulnerability Name: Cisco ASA and FTD Denial of Service Vulnerability

Description: Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an infinite loop vulnerability that can lead to remote denial of service condition.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2; https://nvd.nist.gov/vuln/detail/CVE-2024-20353