Rewterz Threat Advisory – CVE-2023-20275 – Cisco Adaptive Security Appliance and Firepower Threat Defense Software Vulnerability

Rewterz Threat Advisory – Multiple Google Android Vulnerabilities

December 6, 2023

Rewterz Threat Advisory – Multiple Zyxel Products Vulnerabilities

December 6, 2023

Rewterz Threat Advisory – CVE-2023-20275 – Cisco Adaptive Security Appliance and Firepower Threat Defense Software Vulnerability

Severity

Medium

Analysis Summary

CVE-2023-20275

Cisco Adaptive Security Appliance and Firepower Threat Defense Software could allow a remote authenticated attacker to bypass security restrictions, caused by improper validation of the packet’s inner source IP address after decryption. By sending specially crafted packets through the tunnel, an attacker could exploit this vulnerability to send a packet impersonating another VPN user’s IP address.

Impact

Security Bypass

Indicators Of Compromise

CVE

CVE-2023-20275

Affected Vendors

Cisco

Affected Products

Cisco Firepower Threat Defense (FTD) Software
Cisco Adaptive Security Appliance

Remediation

Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.

Cisco Security Advisory

Rewterz Threat Advisory – Multiple Google Android Vulnerabilities

Rewterz Threat Advisory – Multiple Zyxel Products Vulnerabilities

Rewterz Threat Advisory – CVE-2023-20275 – Cisco Adaptive Security Appliance and Firepower Threat Defense Software Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan