Cisco RAVPN Vulnerability to DoS Attacks

CVE-2024-20481

Summary

A vulnerability has been identified in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software. This vulnerability enables unauthenticated remote attackers to exploit the RAVPN service through a significant number of VPN authentication requests, leading to resource exhaustion. The resulting denial of service impacts the RAVPN functionality, potentially necessitating a device reload to restore service. Other services on the device remain unaffected by this issue. Detailed insights into these types of attacks are further explored in Cisco Talos' findings regarding large-scale brute-force activities targeting VPNs.

News Articles

CyberSecurityNews

CVE-2024-20481CVE-2024-37383

CISA Warns of Cisco ASA & Roundcube Vulnerabilities Exploited in Wild

(CISA has announced the addition of two new vulnerabilities to its Known Exploited Vulnerabilities Catalog.

3 months ago

The Register

CVE-2024-20481

Cisco fixes bug under exploit in brute-force attacks

Cisco has patched an already exploited security hole in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software that miscreants have been brute-forcing in attempted denial of service...

3 months ago

TechTarget

CVE-2024-20481

Cisco ASA and FTD zero day used in password spraying attacks | Tech...

Another Cisco ASA and FTD vulnerability was disclosed on Wednesday. Organizations are urged to patch as its under active exploitation.

3 months ago

More News...

References