CVE-2024-20481 - Cisco ASA and FTD Denial-of-Service Vulnerability

CVE ID:CVE-2024-20481

Project:Cisco

Product:Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)

Date Added:2024-10-24Due Date:2024-11-14

Vulnerability Name

Cisco ASA and FTD Denial-of-Service Vulnerability

Description

Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a missing release of resource after effective lifetime vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) of the RAVPN service.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-bf-dos-vDZhLqrW

https://nvd.nist.gov/vuln/detail/CVE-2024-20481

Related News Articles

Cisco warns of denial of service flaw with PoC exploit codeJanuary 23, 2025

New Cisco ASA and FTD features block VPN brute-force password attacksOctober 26, 2024

Exploited: Cisco, SharePoint, Chrome vulnerabilitiesOctober 25, 2024

Cisco fixes VPN DoS flaw discovered in password spray attacksOctober 25, 2024

Top Security News

Top CVE List

Top Alert List

Common CWEs