1.0 Introduction
Cisco has recently released a security update addressing multiple vulnerabilities in its products, including several critical- and high-severity vulnerabilities.
2.0 Impact
An unauthenticated cyber threat actor could exploit these vulnerabilities to take control of an affected system.
3.0 Affected Products
| Description | Severity | CVE |
|---|---|---|
| Cisco Firepower Threat Defense Software for Firepower 1000, 2100, 3100, and 4200 Series Static Credential Vulnerability | Critical | CVE-2024-20412 |
| Cisco Secure Firewall Management Center Software Command Injection Vulnerability | Critical | CVE-2024-20424 |
| Cisco Adaptive Security Appliance Software SSH Remote Command Injection Vulnerability | Critical | CVE-2024-20329 |
| Cisco Firepower Threat Defense Software and Cisco FirePOWER Services TCP/IP Traffic with Snort 2 and Snort 3 Denial of Service Vulnerability | High | CVE-2024-20351 |
| Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series Appliances TCP UDP Snort 2 and Snort 3 Denial of Service Vulnerability | High | CVE-2024-20330 |
| Cisco Firepower Threat Defense Software for Firepower 2100 Series TLS Denial of Service Vulnerability | High | CVE-2024-20339 |
| Cisco Adaptive Security Virtual Appliance and Secure Firewall Threat Defense Virtual SSL VPN Denial of Service Vulnerability | High | CVE-2024-20260 |
| Cisco Adaptive Security Appliance and Firepower Threat Defense Software SSL VPN Memory Management Denial of Service Vulnerability | High | CVE-2024-20402 |
| Cisco Adaptive Security Appliance and Firepower Threat Defense Software SNMP Denial of Service Vulnerability | High | CVE-2024-20268 |
| Cisco Adaptive Security Appliance and Firepower Threat Defense Software Persistent Local Code Execution Vulnerability | High | CVE-2024-20485 |
| Cisco Adaptive Security Appliance and Firepower Threat Defense Software IKEv2 VPN Denial of Service Vulnerability | High | CVE-2024-20426 |
| Cisco Adaptive Security Appliance and Firepower Threat Defense Software Dynamic Access Policies Denial of Service Vulnerability | High | CVE-2024-20408 |
| Cisco Adaptive Security Appliance and Firepower Threat Defense Software Remote Access VPN Denial of Service Vulnerability | High | CVE-2024-20495 |
| Cisco Adaptive Security Appliance and Firepower Threat Defense Software TLS Denial of Service Vulnerability | High | CVE-2024-20494 |
| Cisco Firepower Threat Defense Software and Firepower Management Center Software Code Injection Vulnerability | High | CVE-2023-20063 |
4.0 Recommendations
CyberSecurity Malaysia encourages users and administrators to review the following advisories and apply the necessary updates:
Please refer to the following URL: https://sec.cloudapps.cisco.com/security/center/publicationListing.x?product=Cisco&sort=
For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.
Generally, Cyber999 advises users of these devices to keep up to date with the latest security announcements from the vendor and to follow best-practice security policies to determine which updates should be applied.
For further enquiries, please contact us through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 08:30 - 17:30 MYT
Web: https://www.mycert.org.my
5.0 References