Cisco Firepower Threat Defense (FTD) Software VPN DoS Vulnerabilities (cisco-sa-asaftd-vpn-m9sx6MbC)

According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by multiple vulnerabilities. - A vulnerability in the Lua interpreter of the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure...

CVE-2026-20012

A vulnerability in the Internet Key Exchange version 2 IKEv2 feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance ASA Software, and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a...

EUVD-2018-1054

Malware in sbrugna...

EUVD-2021-21402

Malware in sbrugna...

EUVD-2020-24800

Malware in sbrugna...

CVE-2021-34752

A vulnerability in the CLI of Cisco FTD Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands with root privileges on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of...

CVE-2021-34752

A vulnerability in the CLI of Cisco FTD Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands with root privileges on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of...

CVE-2024-20407

A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Devices that are configured with Snort 2 are no...

CVE-2024-20261

A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a...

CVE-2023-20031

A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a logic error that occurs whe...

Design/Logic Flaw

A vulnerability in the interaction between the Server Message Block SMB protocol preprocessor and the Snort 3 detection engine for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service DoS conditi...

CVE-2022-20866

A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key...

Cisco Firepower Threat Defense AnyConnect SSL VPN DoS (cisco-sa-vpndtls-dos-TunzLEV)

According to its self-reported version, Cisco FTD Software is affected by a vulnerability in the implementation of the Datagram TLS DTLS protocol that could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service DoS condition. This vulnerability ...

Cisco Firepower Management Center Software Configuration Information Disclosure Vulnerabilities

According to its self-reported version, Cisco FTD Software is affected by multiple vulnerabilities as referenced in the cisco-sa-fmc-infodisc-Ft2WVmNU advisory. Multiple information disclosure vulnerabilities exist in the web-based GUI of Cisco Firepower Management Center FMC. An authenticated,...

Race condition

A vulnerability in the Simple Network Management Protocol SNMP input packet processor of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly. The vulnerability is due to a lack of sufficient memory...

PT-2020-3662

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software affected versions not specified Description A flaw exists in the web services interface of Cisco ASA and FTD Software due to insufficient validation...

Cisco FTD Software DHCP DoS (cisco-sa-asaftd-dos-qk8cTGLz)

According to its self-reported version, Cisco FTD Software is affected by a denial-of-service DoS vulnerability in the DHCP component due to incorrect processing of certain DHCP packets. An authenticated, remote attacker can exploit this, by sending a crafted DHCP packet to the affected device, t...

PT-2020-2227

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance ASA and Firepower Threat Defense FTD software versions prior to 6.2.3.16, 6.3.0.6, 6.4.0.9, and 6.5.0.5 Description The vulnerability is due to a buffer tracking issue when the software parses invalid URLs tha...

Cisco FTD Software CLI Command Injection (cisco-sa-20200226-fxos-ucs-cmdinj)

According to its self-reported version, Cisco FTD Software is affected by a vulnerability in the CLI due to insufficient input validation. An authenticated, local attacker can exploit this, by including crafted arguments to specific commands, in order to execute arbitrary commands on the underlyi...

Design/Logic Flaw

A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load f...