Advisory

Cisco patches three critical and one actively exploited flaw in ASA, FMC and FTD products

Take action: If you run Cisco Adaptive Security Appliance (ASA), Secure Firewall Management Center (FMC) or Firepower Threat Defense (FTD), patch any ASA or FTD device with the Remote Access VPN (RAVPN) service enabled for the actively exploited DoS flaw as soon as possible. Then plan a prompt scheduled patch for the three critical flaws: each of them has a prerequisite (valid credentials or local access), so it is not panic mode, but it is wise to fix them before attackers find a way to meet those prerequisites.


Learn More

Cisco has released security updates for multiple vulnerabilities in its Adaptive Security Appliance (ASA), Secure Firewall Management Center (FMC), and Firepower Threat Defense (FTD) products, including one actively exploited flaw.

Critical Vulnerability Details

  1. CVE-2024-20329 (CVSS score 9.9) - Impacts ASA, allows authenticated attackers to execute OS commands with root privileges via SSH.

  2. CVE-2024-20424 (CVSS score 9.9) - Impacts FMC, allows remote, authenticated attackers to exploit improper HTTP request validation, enabling arbitrary command execution.

  3. CVE-2024-20412 (CVSS score 9.3) - Impacts FTD, allows local, unauthenticated attackers to log in to the CLI using static credentials.

Actively exploited flaw

  • CVE-2024-20481 (CVSS score 5.8) - a denial-of-service (DoS) vulnerability in the Remote Access VPN (RAVPN) service of ASA and FTD. It stems from resource exhaustion: an attacker sends a high volume of VPN authentication requests, and the device runs out of the resources needed to serve legitimate RAVPN users.
    • Only devices with the RAVPN service enabled are vulnerable. Cisco confirmed in-the-wild exploitation and linked it to a large-scale brute-force campaign targeting VPN and SSH services reported in April 2024.
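Because the actively exploited flaw is triggered by a flood of authentication requests rather than a single crafted packet, the useful detection is a rate check on rejected RAVPN logins per source. The script below is an added example, not code from Cisco or from the original page: it parses ASA/FTD syslog lines with message IDs 113005 and 113015 (AAA user authentication Rejected), keeps a sliding window of failures per source IP, and flags sources that exceed a threshold, also reporting how many distinct usernames each source tried (a spray signature). The sample lines are constructed, the exact field order in the messages is an approximation of the ASA format and should be checked against your own exports, and the window and threshold values are assumptions to tune per environment.

```python
"""Flag bursts of rejected remote-access VPN logins in Cisco ASA/FTD syslog.

Added example (not Cisco's code). Assumptions: lines are in chronological
order; rejected logins appear as %ASA-6-113005 / %ASA-6-113015 with
"user = <name> : user IP = <addr>" in the message body.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Syslog IDs for "AAA user authentication Rejected" (external AAA / local DB).
AUTH_REJECT_IDS = {"113005", "113015"}

LOG_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} \d{2} \d{4} \d{2}:\d{2}:\d{2}) \S+ "
    r"%(?:ASA|FTD)-\d-(?P<msgid>\d{6}): (?P<body>.*)$"
)
FIELD_RE = re.compile(r"user = (?P<user>\S+) : user IP = (?P<ip>[\d.]+)")

# Constructed sample log (not captured from a real device): one source tries
# twelve different usernames in twelve seconds, a second source fails twice,
# and one unrelated connection-built message is mixed in.
_SPRAY_SRC = "203.0.113.10"
SAMPLE_LOGS = [
    f"Oct 23 2024 10:00:{i:02d} fw01 %ASA-6-113015: AAA user authentication Rejected : "
    f"reason = Invalid password : local database : user = user{i} : user IP = {_SPRAY_SRC}"
    for i in range(12)
] + [
    "Oct 23 2024 10:00:20 fw01 %ASA-6-302013: Built inbound TCP connection 12345 for "
    "outside:198.51.100.7/51000 (198.51.100.7/51000) to identity:203.0.113.1/443 (203.0.113.1/443)",
    "Oct 23 2024 10:00:30 fw01 %ASA-6-113005: AAA user authentication Rejected : "
    "reason = AAA failure : server = 192.0.2.5 : user = bob : user IP = 198.51.100.7",
    "Oct 23 2024 10:01:10 fw01 %ASA-6-113005: AAA user authentication Rejected : "
    "reason = AAA failure : server = 192.0.2.5 : user = bob : user IP = 198.51.100.7",
]


def parse_line(line):
    """Return (timestamp, source_ip, username) for a rejected login, else None."""
    m = LOG_RE.match(line)
    if not m or m.group("msgid") not in AUTH_REJECT_IDS:
        return None
    f = FIELD_RE.search(m.group("body"))
    if not f:
        return None
    ts = datetime.strptime(m.group("ts"), "%b %d %Y %H:%M:%S")
    return ts, f.group("ip"), f.group("user")


def find_bursts(lines, window_seconds=60, threshold=10):
    """Sliding-window count of rejected logins per source IP.

    Returns {ip: {"peak_per_window", "distinct_users", "first", "last"}}
    for every source whose failure count within any window of
    `window_seconds` reached `threshold`.
    """
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # ip -> timestamps inside the current window
    peak = defaultdict(int)       # ip -> highest window count seen
    users = defaultdict(set)      # ip -> usernames attempted
    span = {}                     # ip -> (first failure, last failure)
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        ts, ip, user = rec
        q = recent[ip]
        q.append(ts)
        while q and ts - q[0] > window:   # drop failures older than the window
            q.popleft()
        peak[ip] = max(peak[ip], len(q))
        users[ip].add(user)
        first, _ = span.get(ip, (ts, ts))
        span[ip] = (first, ts)
    return {
        ip: {
            "peak_per_window": peak[ip],
            "distinct_users": len(users[ip]),
            "first": span[ip][0],
            "last": span[ip][1],
        }
        for ip in peak
        if peak[ip] >= threshold
    }


if __name__ == "__main__":
    for ip, info in find_bursts(SAMPLE_LOGS).items():
        print(f"{ip}: {info['peak_per_window']} rejects/60s, "
              f"{info['distinct_users']} usernames, {info['first']} .. {info['last']}")
```

Run against the constructed sample, only 203.0.113.10 is flagged (twelve rejections in twelve seconds across twelve usernames); the two failures from 198.51.100.7 stay under the threshold. Before spending time on detection, confirm the exposure itself: only devices with RAVPN enabled are affected, and on ASA/FTD that is visible in `show running-config webvpn` as an `enable <interface>` line under `webvpn` (if no interface is enabled there, the RAVPN service is not listening).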

The same release also covers 10 high-severity flaws across ASA, FMC and FTD, plus 33 medium-severity vulnerabilities. The high-severity flaws mostly lead to DoS conditions, although one in the VPN web server could allow arbitrary code execution.

Cisco advises organizations to apply the latest patches immediately.
