First published: Wed Oct 21 2020(Updated: )
A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory exhaustion condition. An attacker could exploit this vulnerability by sending a high rate of crafted TCP traffic through an affected device. A successful exploit could allow the attacker to exhaust device resources, resulting in a DoS condition for traffic transiting the affected device.
Credit: ykramarz@cisco.com ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Adaptive Security Appliance | <9.12.4.3 | |
Cisco Firepower Threat Defense | <=6.2.2 | |
Cisco Firepower Threat Defense | >=6.3.0<6.4.0.10 | |
Cisco Firepower Threat Defense | >=6.5.0<6.5.0.5 | |
Cisco Firepower Threat Defense | =6.6.0 | |
Cisco Adaptive Security Appliance Software | >=9.13.0<9.13.1.13 | |
Cisco Adaptive Security Appliance Software | >=9.14.0<9.14.1.30 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2020-3554.
The severity of CVE-2020-3554 is high.
The affected software for CVE-2020-3554 includes Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software.
An attacker can exploit CVE-2020-3554 by sending specially crafted TCP packets to the affected device.
Yes, Cisco has released software updates to address the vulnerability. Please refer to the Cisco Security Advisory for more information.