Cisco announced updates on Wednesday to fix a security flaw in its Adaptive Security Appliance (ASA) that is currently being exploited and could cause a denial-of-service (DoS) condition.
CVE-2024-20481 (CVSS score: 5.8) is A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN service.
By infosecbulletin
/ Saturday , November 2 2024
GitHub has launched an AI tool called 'Spark' that allows users to create apps using natural language, eliminating the need...
Read More
By infosecbulletin
/ Friday , November 1 2024
"A threat actor has reportedly claimed to gain root-level access to Titas Gas’s firewall server and is actively offering this...
Read More
By infosecbulletin
/ Friday , November 1 2024
Zimperium researchers have found a new version of FakeCall malware for Android that threatens financial security. This malware redirects users'...
Read More
By infosecbulletin
/ Friday , November 1 2024
Hikvision, a top provider of network cameras, has issued firmware updates to fix a security vulnerability that could reveal users'...
Read More
By infosecbulletin
/ Friday , November 1 2024
Global threat actors have significantly increased attacks on government sectors, with malware-driven attempts rising by triple digits in the first...
Read More
By infosecbulletin
/ Thursday , October 31 2024
Meetup of Bangladesh Kubernetes User Group was held at Banani Club 9294, Dhaka on Thursday, 31 October 2024. A lively...
Read More
By infosecbulletin
/ Thursday , October 31 2024
Bangladesh Bank issues alert on cyber threat. In its alert the central bank said, according to Bangladesh cyber security intelligence...
Read More
By infosecbulletin
/ Thursday , October 31 2024
Interbank, a major financial institution in Peru, has confirmed a data breach after a hacker leaked stolen data online. Formerly...
Read More
By infosecbulletin
/ Wednesday , October 30 2024
The US Cybersecurity and Infrastructure Security Agency (CISA) has released its first international strategic plan to enhance global cooperation in...
Read More
By infosecbulletin
/ Tuesday , October 29 2024
The Indian Cyber Crime Coordination Centre (I4C) has warned about illegal payment gateways set up by transnational cyber criminals using...
Read More
This vulnerability stems from resource exhaustion. An attacker can exploit it by sending many VPN authentication requests to the device, potentially causing a denial of service (DoS) for the RAVPN service. In some cases, the device may need to be rebooted to restore the service. Other services unrelated to VPN are not affected.
“An attacker could exploit this vulnerability by sending a large number of VPN authentication requests to an affected device,” Cisco said in an advisory. “A successful exploit could allow the attacker to exhaust resources, resulting in a DoS of the RAVPN service on the affected device.”
Earlier this April, Cisco Talos reported an increase in brute-force attacks on VPN services, web application logins, and SSH services since March 18, 2024.
These attacks targeted various equipment from companies like Cisco, Check Point, Fortinet, SonicWall, MikroTik, Draytek, and Ubiquiti.
“The brute-forcing attempts use generic usernames and valid usernames for specific organizations,” Talos noted at the time. “These attacks all appear to be originating from TOR exit nodes and a range of other anonymizing tunnels and proxies.”
Cisco has also released patches to remediate three other critical flaws in FTD Software, Secure Firewall Management Center (FMC) Software, and Adaptive Security Appliance (ASA), respectively.