Oddbean new post about | logout
 Cisco fixes VPN DoS flaw discovered in password spray attacks

Cisco fixed a denial of service flaw in its Cisco ASA and Firepower Threat Defense (FTD) software, which was discovered during large-scale brute force attacks against Cisco VPN devices in April.

The flaw is tracked as CVE-2024-20481 and impacts all versions of Cisco ASA and Cisco FTD up until the latest versions of the software.

"A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN service," reads the CVE-2024-20481 security advisory.

See more: https://www.bleepingcomputer.com/news/security/cisco-fixes-vpn-dos-flaw-discovered-in-password-spray-attacks/

#cybersecurity #security