CVE-2024-20351

💻 Affected Systems

📦 What is this software?

⚠️ Risk & Real-World Impact

🎯 Exploit Status

Exploitation is straightforward - any system capable of generating sufficient network traffic can trigger the condition.

🔍 How to Verify

Check FTD software version via CLI: 'show version' and compare against Cisco advisory's affected versions list.

show version | include Version

After patching, verify version is updated: 'show version' should show a version equal to or higher than the fixed versions listed in Cisco advisory.

📡 Detection & Monitoring

source="ftd_logs" AND ("packet drop" OR "snort restart" OR "high cpu")

🔗 References

• https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-xss-yjj7ZjVq Broken Link
• https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO Broken Link
• https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort-fw-BCJTZPMu Vendor Advisory
• https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300 Vendor Advisory