Cisco ASA, FTD Software Under Active VPN Exploitation

  /     /     /  
Publicated : 23/11/2024   Category : security

Cisco ASA, FTD Software Under Active VPN Exploitation


Unauthenticated threat actors can remotely cause a denial-of-service (DoS) cyberattack within the Remote Access VPN software in Ciscos ASA and Firepower software.


Cisco has rushed a patch for a brute-force denial-of-service (DoS) vulnerability in its VPN thats being actively exploited in the wild.
The medium-severity bug (CVE-2024-20481, CVSS 5.8) resides in the Remote Access VPN (RAVPN) found in the Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) software. If exploited, it could allow an unauthenticated, remote attacker to cause a
DoS and disruptions
within the RAVPN.
According to Ciscos advisory on the flaw, the vulnerability can be exploited for resource exhaustion by sending a mass number of
VPN authentication
requests to an affected device, as a cyberattacker would do in an automated
brute-force or password-spray attack
.
Depending on the impact of the attack, a reload of the device may be required to restore the RAVPN service,
Cisco said in its report
. Services that are not related to VPN are not affected.
Cisco has released software updates to help mitigate the vulnerability, but it notes that there are no other workarounds for the bug. 
It does provide recommendations for evading password-spray attacks, including enabling logging, configuring threat detecting for remote access VPN services, applying hardening measures, and manually blocking connection attempts from unauthorized sources.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
Cisco ASA, FTD Software Under Active VPN Exploitation