Cisco ASA RAVPN DoS via Resource Exhaustion
CVE-2024-20481 Published on October 23, 2024

A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN service. This vulnerability is due to resource exhaustion. An attacker could exploit this vulnerability by sending a large number of VPN authentication requests to an affected device. A successful exploit could allow the attacker to exhaust resources, resulting in a DoS of the RAVPN service on the affected device. Depending on the impact of the attack, a reload of the device may be required to restore the RAVPN service. Services that are not related to VPN are not affected. Cisco Talos discussed these attacks in the blog post "Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials".

Known Exploited Vulnerability

This Cisco ASA and FTD Denial-of-Service Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a missing release of resource after effective lifetime vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) of the RAVPN service.

The following remediation steps are recommended / required by November 14, 2024: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Vulnerability Analysis

CVE-2024-20481 can be exploited with network access and does not require authorization privileges or user interaction. It is considered to have a low attack complexity. This vulnerability is known to be actively exploited by threat actors in an automatable fashion. An exploit of this vulnerability is considered to have no impact on confidentiality or integrity, and a small impact on availability.

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: LOW

Weakness Type

Missing Release of Resource after Effective Lifetime

The software does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed. When a resource is not released after use, it can allow attackers to cause a denial of service by causing the allocation of resources without triggering their release. Frequently-affected resources include memory, CPU, disk space, power or battery, etc.


Products Associated with CVE-2024-20481

Cisco Firepower Threat Defense Software
Cisco Adaptive Security Appliance Software

Affected Versions

Cisco Adaptive Security Appliance (ASA) Software
Cisco Firepower Threat Defense Software

Exploit Probability

EPSS: 11.12%
Percentile: 93.34%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.