What is the severity of CVE-2024-20261?

The severity of CVE-2024-20261 is currently assessed as critical due to its potential impact on security policies that protect encrypted archive files.

How do I fix CVE-2024-20261?

To fix CVE-2024-20261, ensure that you update your Cisco Firepower Threat Defense software to the latest version provided by Cisco.

Who is affected by CVE-2024-20261?

Organizations using Cisco Firepower Threat Defense software to inspect encrypted archive files are affected by CVE-2024-20261.

Can CVE-2024-20261 be exploited remotely?

Yes, CVE-2024-20261 can be exploited remotely by an unauthenticated attacker, allowing them to bypass file policies.

What type of attacks can CVE-2024-20261 enable?

CVE-2024-20261 can enable attacks that involve bypassing security measures meant to block malicious encrypted archive files.

Vulnerability/
CVE-2024-20261

medium

5.8

CWE

284

22/5/2024

7/11/2024

CVE-2024-20261

First published: Wed May 22 2024(Updated: )

A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a logic error when a specific class of encrypted archive files is inspected. An attacker could exploit this vulnerability by sending a crafted, encrypted archive file through the affected device. A successful exploit could allow the attacker to send an encrypted archive file, which could contain malware and should have been blocked and dropped at the Cisco FTD device.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Firepower Threat Defense (FTD)

Never miss a vulnerability like this again

Reference Links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-archive-bypass-z4wQjwcN

Frequently Asked Questions

What is the severity of CVE-2024-20261?
The severity of CVE-2024-20261 is currently assessed as critical due to its potential impact on security policies that protect encrypted archive files.
How do I fix CVE-2024-20261?
To fix CVE-2024-20261, ensure that you update your Cisco Firepower Threat Defense software to the latest version provided by Cisco.
Who is affected by CVE-2024-20261?
Organizations using Cisco Firepower Threat Defense software to inspect encrypted archive files are affected by CVE-2024-20261.
Can CVE-2024-20261 be exploited remotely?
Yes, CVE-2024-20261 can be exploited remotely by an unauthenticated attacker, allowing them to bypass file policies.
What type of attacks can CVE-2024-20261 enable?
CVE-2024-20261 can enable attacks that involve bypassing security measures meant to block malicious encrypted archive files.

agent/references
agent/weakness
agent/description
agent/type
agent/first-publish-date
agent/severity
agent/author
agent/event
collector/nvd-api
source/NVD
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco firepower threat defense (ftd)

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.