November 5, 2024
Severity
High
Analysis Summary
CVE-2024-20329 CVSS:9.9
Cisco Adaptive Security Appliance (ASA) Software could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by insufficient validation of user input. By sending specially crafted input when executing remote CLI commands over SSH, an attacker could exploit this vulnerability to execute commands on the underlying operating system with root-level privileges.
CVE-2024-20408 CVSS:7.7
Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense are vulnerable to a denial of service, caused by improper validation of data in HTTPS POST requests. By sending a specially crafted HTTPS POST request, a remote attacker could exploit this vulnerability to cause the device to reload.
CVE-2024-20330 CVSS:8.6
A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause memory corruption, which could cause the Snort detection engine to restart unexpectedly. This vulnerability is due to improper memory management when the Snort detection engine processes specific TCP or UDP packets.
Impact
- Gain Access
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-20329
- CVE-2024-20408
- CVE-2024-20330
Affected Vendors
- Cisco
Affected Products
- Cisco Adaptive Security Appliance (ASA) Software - 9.8.1 - 9.8.1.5 - 9.8.1.7 - 9.8.2 - 9.8.2.8 - 9.8.2.14 - 9.8.2.15 - 9.8.2.17 - 9.8.2.20 - 9.8.2.24 - 9.8.2.26 - 9.8.2.28 - 9.8.2.33 - 9.8.2.35 - 9.8.2.38 - 9.8.3.8 - 9.8.3.11 - 9.8.3.14
- Cisco Adaptive Security Appliance (ASA) Software - 9.17.1 - 9.17.1.7 - 9.17.1.9 - 9.17.1.10 - 9.18.1 - 9.18.1.3 - 9.17.1.11
- Cisco Adaptive Security Appliance (ASA) Software - 9.18.2 - 9.17.1.13 - 9.17.1.15 - 9.18.2.5 - 9.17.1.20
- Cisco Adaptive Security Appliance (ASA) Software - 9.18.2.7 - 9.19.1 - 9.18.2.8 - 9.18.3 - 9.19.1.5 - 9.17.1.30 - 9.19.1.9 - 9.18.3.39
- Cisco Adaptive Security Appliance (ASA) Software - 9.19.1.12 - 9.18.3.46 - 9.19.1.18 - 9.18.3.53 - 9.18.3.55 - 9.17.1.33 - 9.18.3.56
- Cisco Firepower Threat Defense Software - 6.2.3 - 6.2.3.1 - 6.2.3.2 - 6.2.3.3 - 6.2.3.4 - 6.2.3.5 - 6.2.3.6 - 6.2.3.7
- Cisco Firepower Threat Defense Software - 7.0.0 - 7.0.0.1 - 7.0.1 - 7.1.0 - 7.0.1.1 - 7.1.0.1 - 7.0.2 - 7.2.0 - 7.0.2.
Remediation
Refer to the Cisco Security Advisory for patch, upgrade, or suggested workaround information.