CVE-2024-20481 vulnerability in Cisco Products
Published on October 23, 2024

A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN service. This vulnerability is due to resource exhaustion. An attacker could exploit this vulnerability by sending a large number of VPN authentication requests to an affected device. A successful exploit could allow the attacker to exhaust resources, resulting in a DoS of the RAVPN service on the affected device. Depending on the impact of the attack, a reload of the device may be required to restore the RAVPN service. Services that are not related to VPN are not affected. Cisco Talos discussed these attacks in the blog post Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials.

Vendor Advisory NVD

Known Exploited Vulnerability

This Cisco ASA and FTD Denial-of-Service Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a missing release of resource after effective lifetime vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) of the RAVPN service.

The following remediation steps are recommended / required by November 14, 2024: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Vulnerability Analysis

CVE-2024-20481 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a small impact on availability.

Missing Release of Resource after Effective Lifetime

The software does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed. When a resource is not released after use, it can allow attackers to cause a denial of service by causing the allocation of resources without triggering their release. Frequently-affected resources include memory, CPU, disk space, power or battery, etc.

Products Associated with CVE-2024-20481

You can be notified by stack.watch whenever vulnerabilities like CVE-2024-20481 are published in these products:

Cisco Firepower Threat Defense Software

Cisco Adaptive Security Appliance Software

What versions are vulnerable to CVE-2024-20481?

Cisco Firepower Threat Defense Software Version 6.2.3
Cisco Firepower Threat Defense Software Version 6.2.3.1
Cisco Firepower Threat Defense Software Version 6.2.3.2
Cisco Firepower Threat Defense Software Version 6.2.3.3
Cisco Firepower Threat Defense Software Version 6.2.3.4
Cisco Firepower Threat Defense Software Version 6.2.3.5
Cisco Firepower Threat Defense Software Version 6.2.3.6
Cisco Firepower Threat Defense Software Version 6.2.3.7
Cisco Firepower Threat Defense Software Version 6.2.3.8
Cisco Firepower Threat Defense Software Version 6.2.3.10
Cisco Firepower Threat Defense Software Version 6.2.3.11
Cisco Firepower Threat Defense Software Version 6.2.3.9
Cisco Firepower Threat Defense Software Version 6.2.3.12
Cisco Firepower Threat Defense Software Version 6.2.3.13
Cisco Firepower Threat Defense Software Version 6.2.3.14
Cisco Firepower Threat Defense Software Version 6.2.3.15
Cisco Firepower Threat Defense Software Version 6.2.3.16
Cisco Firepower Threat Defense Software Version 6.2.3.17
Cisco Firepower Threat Defense Software Version 6.2.3.18
Cisco Firepower Threat Defense Software Version 6.6.0
Cisco Firepower Threat Defense Software Version 6.6.0.1
Cisco Firepower Threat Defense Software Version 6.6.1
Cisco Firepower Threat Defense Software Version 6.6.3
Cisco Firepower Threat Defense Software Version 6.6.4
Cisco Firepower Threat Defense Software Version 6.6.5
Cisco Firepower Threat Defense Software Version 6.6.5.1
Cisco Firepower Threat Defense Software Version 6.6.5.2
Cisco Firepower Threat Defense Software Version 6.6.7
Cisco Firepower Threat Defense Software Version 6.6.7.1
Cisco Firepower Threat Defense Software Version 6.4.0
Cisco Firepower Threat Defense Software Version 6.4.0.1
Cisco Firepower Threat Defense Software Version 6.4.0.3
Cisco Firepower Threat Defense Software Version 6.4.0.2
Cisco Firepower Threat Defense Software Version 6.4.0.4
Cisco Firepower Threat Defense Software Version 6.4.0.5
Cisco Firepower Threat Defense Software Version 6.4.0.6
Cisco Firepower Threat Defense Software Version 6.4.0.7
Cisco Firepower Threat Defense Software Version 6.4.0.8
Cisco Firepower Threat Defense Software Version 6.4.0.9
Cisco Firepower Threat Defense Software Version 6.4.0.10
Cisco Firepower Threat Defense Software Version 6.4.0.11
Cisco Firepower Threat Defense Software Version 6.4.0.12
Cisco Firepower Threat Defense Software Version 6.4.0.13
Cisco Firepower Threat Defense Software Version 6.4.0.14
Cisco Firepower Threat Defense Software Version 6.4.0.15
Cisco Firepower Threat Defense Software Version 6.4.0.16
Cisco Firepower Threat Defense Software Version 6.4.0.17
Cisco Firepower Threat Defense Software Version 6.7.0
Cisco Firepower Threat Defense Software Version 6.7.0.1
Cisco Firepower Threat Defense Software Version 6.7.0.2
Cisco Firepower Threat Defense Software Version 6.7.0.3
Cisco Firepower Threat Defense Software Version 7.0.0
Cisco Firepower Threat Defense Software Version 7.0.0.1
Cisco Firepower Threat Defense Software Version 7.0.1
Cisco Firepower Threat Defense Software Version 7.0.1.1
Cisco Firepower Threat Defense Software Version 7.0.2
Cisco Firepower Threat Defense Software Version 7.0.2.1
Cisco Firepower Threat Defense Software Version 7.0.3
Cisco Firepower Threat Defense Software Version 7.0.4
Cisco Firepower Threat Defense Software Version 7.0.5
Cisco Firepower Threat Defense Software Version 7.0.6
Cisco Firepower Threat Defense Software Version 7.0.6.1
Cisco Firepower Threat Defense Software Version 7.1.0
Cisco Firepower Threat Defense Software Version 7.1.0.1
Cisco Firepower Threat Defense Software Version 7.1.0.2
Cisco Firepower Threat Defense Software Version 7.1.0.3
Cisco Firepower Threat Defense Software Version 7.2.0
Cisco Firepower Threat Defense Software Version 7.2.0.1
Cisco Firepower Threat Defense Software Version 7.2.1
Cisco Firepower Threat Defense Software Version 7.2.2
Cisco Firepower Threat Defense Software Version 7.2.3
Cisco Firepower Threat Defense Software Version 7.2.4
Cisco Firepower Threat Defense Software Version 7.2.4.1
Cisco Firepower Threat Defense Software Version 7.2.5
Cisco Firepower Threat Defense Software Version 7.2.5.1
Cisco Firepower Threat Defense Software Version 7.3.0
Cisco Firepower Threat Defense Software Version 7.3.1
Cisco Firepower Threat Defense Software Version 7.3.1.1
Cisco Firepower Threat Defense Software Version 7.4.0
Cisco Firepower Threat Defense Software Version 7.4.1
Cisco Firepower Threat Defense Software Version 7.4.1.1
Cisco Firepower Threat Defense Software Version 7.3.1.2
Cisco Firepower Threat Defense Software Version 7.2.8.1
Cisco Firepower Threat Defense Software Version 7.2.8
Cisco Firepower Threat Defense Software Version 7.2.5.2
Cisco Firepower Threat Defense Software Version 7.2.7
Cisco Firepower Threat Defense Software Version 7.2.6
Cisco Firepower Threat Defense Software Version 7.0.6.2
Cisco Firepower Threat Defense Software Version 6.4.0.18
Cisco Firepower Threat Defense Software Version 6.6.7.2