Cisco ASA Software Vulnerability Could Lead to Denial of Service

CVE-2024-20353
8.6HIGH

Key Information

Vendor
Cisco
Status
Cisco Adaptive Security Appliance (asa) Software
Cisco Firepower Threat Defense Software
Vendor
CVE Published:
24 April 2024

Badges

🔥 No. 1 Trending😄 Trended👾 Exploit Exists📰 News Worthy

Summary

A critical vulnerability (CVE-2024-20353) in Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. Attackers have exploited this vulnerability to install backdoors on government Cisco ASA appliances. These attacks started in November 2023, with evidence suggesting that the capability was being tested and developed as early as July 2023. The attackers used custom malware to conduct their activities, overriding the SSL VPN session establishment process and maintaining a backdoor on the compromised devices. Cisco has released patches for the vulnerabilities and advised organizations to implement them promptly. The attacker demonstrated a clear focus on espionage, and the use of zero-days and specific anti-forensic measures indicate a sophisticated state-sponsored actor. Organizations with internet-exposed Cisco ASA devices were nearly five times more likely to experience a cyber insurance claim in 2023, reinforcing the severity and impact of these attacks.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2024-20353 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace as recent news articles suggest the vulnerability is being used by ransomware groups.

The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

Cisco Adaptive Security Appliance (ASA) Software = 9.8.1

Cisco Adaptive Security Appliance (ASA) Software = 9.8.1.5

Cisco Adaptive Security Appliance (ASA) Software = 9.8.1.7

News Articles

CVSS V3.1

Score:
8.6
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability started trending.

  • 🔥

    Vulnerability reached the number 1 worldwide trending spot.

  • First article discovered by Help Net Security

  • 👾

    Exploit exists.

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre DatabaseCISA Database3 News Article(s)
.