CVE-2024-20353
PUBLISHED
KEV
A vulnerability exists in Cisco ASA (Adaptive Security Appliance) and Cisco Firepower. The flaw affects several components, such as AnyConnect IKEv2 Remote Access or the REST API, and is due in part to incomplete error checking when parsing an HTTP header. By sending a crafted HTTP request to a targeted web server, a remote, anonymous attacker can exploit this vulnerability to cause a denial-of-service condition.
Risk Scores
EPSS Score: 17.38% (95.2th percentile)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco ASA (Adaptive Security Appliance) | |
| Cisco | Cisco Firepower | |
Timeline
- Apr 24, 2024 CISA KEV Added
- Apr 24, 2024 CVE Published
- Apr 24, 2024 PoC Published
- Apr 25, 2024 EPSS Score
- Apr 27, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Dec 20, 2024 PoC Published
- Jan 27, 2025 Coalition ESS Score
- Mar 17, 2025 EPSS Score
- Mar 20, 2025 EPSS Score
- Mar 27, 2025 EPSS Score
- Mar 28, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0965.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0965 advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-cmd-inj-ZJV8Wysm advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2 advisory
- https://blog.talosintelligence.com/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices/ advisory
- https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_attacks_event_response advisory