CVE-2024-20331

high-risk

Published 2024-10-23

A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to prevent users from authenticating. This vulnerability is due to insufficient entropy in the authentication process. An attacker could exploit this vulnerability by determining the handle of an authenticating user and using it to terminate their authentication session. A successful exploit could allow the attacker to force a user to restart the authentication process, preventing a legitimate user from establishing remote access VPN sessions.

Do I need to act?

0.95% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.8/10 Medium

NETWORK / HIGH complexity

Affected Products (20)

Adaptive Security Appliance Software

Affected Vendors

Cisco

References (3)

Vendor Advisory https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/ci...

Broken Link https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/ci...

Vendor Advisory https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300

/ 100

high-risk

Severity 21/34 · High

Exploitability 3/34 · Minimal

Exposure 33/34 · Critical