Cisco announced updates on Wednesday to fix a security flaw in its Adaptive Security Appliance (ASA) that is currently being exploited and could cause a denial-of-service (DoS) condition.
CVE-2024-20481 (CVSS score: 5.8) is A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN service.
By infosecbulletin
/ Friday , October 25 2024
Cybersecurity researcher Jeremiah Fowler found a non-password-protected database with 115,000 records linked to the UN Trust Fund to End Violence...
Read More
By infosecbulletin
/ Friday , October 25 2024
Cisco announced updates on Wednesday to fix a security flaw in its Adaptive Security Appliance (ASA) that is currently being...
Read More
By infosecbulletin
/ Wednesday , October 23 2024
White hat hackers at the Pwn2Own Ireland 2024 contest by Trend Micro's Zero Day Initiative earned $500,000 on the first...
Read More
By infosecbulletin
/ Tuesday , October 22 2024
In today's rapidly changing cybersecurity environment, organizations encounter numerous complex threats targeting endpoints and networks. CrowdStrike and Fortinet have partnered...
Read More
By infosecbulletin
/ Tuesday , October 22 2024
Sophos, based in the UK, is to acquire Secureworks, a Nasdaq-listed company, for $859 million in cash from Dell Technologies....
Read More
By infosecbulletin
/ Monday , October 21 2024
The Internet Archive was breached again, this time through their Zendesk email support platform, following warnings that threat actors had...
Read More
By infosecbulletin
/ Sunday , October 20 2024
In today's changing cybersecurity environment, it's essential to find vulnerabilities in code. Vulnhuntr, an open-source tool on GitHub, uses Large...
Read More
By infosecbulletin
/ Friday , October 18 2024
Bitdefender said a vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly...
Read More
By infosecbulletin
/ Thursday , October 17 2024
Cybersecurity threats have surged to extraordinary heights, as Microsoft’s latest Digital Defense Report reveals that its customers are confronted with...
Read More
By infosecbulletin
/ Thursday , October 17 2024
VMware has issued a warning about a remote code execution vulnerability, CVE-2024-38814, with a CVSS score of 8.8, in its...
Read More
This vulnerability stems from resource exhaustion. An attacker can exploit it by sending many VPN authentication requests to the device, potentially causing a denial of service (DoS) for the RAVPN service. In some cases, the device may need to be rebooted to restore the service. Other services unrelated to VPN are not affected.
“An attacker could exploit this vulnerability by sending a large number of VPN authentication requests to an affected device,” Cisco said in an advisory. “A successful exploit could allow the attacker to exhaust resources, resulting in a DoS of the RAVPN service on the affected device.”
Earlier this April, Cisco Talos reported an increase in brute-force attacks on VPN services, web application logins, and SSH services since March 18, 2024.
These attacks targeted various equipment from companies like Cisco, Check Point, Fortinet, SonicWall, MikroTik, Draytek, and Ubiquiti.
“The brute-forcing attempts use generic usernames and valid usernames for specific organizations,” Talos noted at the time. “These attacks all appear to be originating from TOR exit nodes and a range of other anonymizing tunnels and proxies.”
Cisco has also released patches to remediate three other critical flaws in FTD Software, Secure Firewall Management Center (FMC) Software, and Adaptive Security Appliance (ASA), respectively.