CVE-2024-20481 - Cisco ASA and FTD Denial-of-Service Vulnerability

CVE-2024-20481: Cisco | Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)

Date Added:
2024-10-24

Due Date:
2024-11-14

Vulnerability Name: Cisco ASA and FTD Denial-of-Service Vulnerability

Description: Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a missing release of resource after effective lifetime vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) of the RAVPN service.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-bf-dos-vDZhLqrW ; https://nvd.nist.gov/vuln/detail/CVE-2024-20481

Related News Articles

New Cisco ASA and FTD features block VPN brute-force password attacksOctober 26, 2024

Exploited: Cisco, SharePoint, Chrome vulnerabilitiesOctober 25, 2024

Cisco fixes VPN DoS flaw discovered in password spray attacksOctober 25, 2024

Free security scan for your website

Don't show website scan report rating on the leaderboard