Cisco ASA, FTD Software Under Active VPN Exploitation

  /     /     /  
Publicated : 23/11/2024   Category : security


Cisco ASA, FTD Software Under Active VPN Exploitation


Unauthenticated threat actors can remotely cause a denial-of-service (DoS) cyberattack within the Remote Access VPN software in Ciscos ASA and Firepower software.



Cisco has rushed a patch for a brute-force denial-of-service (DoS) vulnerability in its VPN thats being actively exploited in the wild.
The medium-severity bug (CVE-2024-20481, CVSS 5.8) resides in the Remote Access VPN (RAVPN) found in the Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) software. If exploited, it could allow an unauthenticated, remote attacker to cause a
DoS and disruptions
within the RAVPN.
According to Ciscos advisory on the flaw, the vulnerability can be exploited for resource exhaustion by sending a mass number of
VPN authentication
requests to an affected device, as a cyberattacker would do in an automated
brute-force or password-spray attack
.
Depending on the impact of the attack, a reload of the device may be required to restore the RAVPN service,
Cisco said in its report
. Services that are not related to VPN are not affected.
Cisco has released software updates to help mitigate the vulnerability, but it notes that there are no other workarounds for the bug. 
It does provide recommendations for evading password-spray attacks, including enabling logging, configuring threat detecting for remote access VPN services, applying hardening measures, and manually blocking connection attempts from unauthorized sources.

Last News

▸ Veritabile Defecte de Proiectare a Securitatii in Software -> Top 10 Software Security Design Flaws ◂
Discovered: 23/12/2024
Category: security

▸ Sony, XBox Targeted by DDoS Attacks, Hacktivist Threats ◂
Discovered: 23/12/2024
Category: security

▸ There are plenty of online tools for reporting bugs. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Cisco ASA, FTD Software Under Active VPN Exploitation