CVE-2024-20402
📋 TL;DR
A memory management flaw in Cisco ASA and FTD SSL VPN allows unauthenticated remote attackers to trigger device reboots via crafted SSL/TLS packets, causing denial of service. This affects organizations using Cisco ASA or FTD with SSL VPN enabled.
💻 Affected Systems
- Cisco Adaptive Security Appliance (ASA) Software
- Cisco Firepower Threat Defense (FTD) Software
📦 What is this software?
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
Adaptive Security Appliance Software by Cisco
View all CVEs affecting Adaptive Security Appliance Software →
⚠️ Risk & Real-World Impact
Worst Case
Continuous DoS attacks causing extended network downtime and service disruption
Likely Case
Intermittent device reboots disrupting VPN connectivity and network operations
If Mitigated
Minimal impact with proper network segmentation and monitoring
🎯 Exploit Status
Exploitation requires sending crafted SSL/TLS packets to SSL VPN interface
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check Cisco advisory for specific fixed versions
Vendor Advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-dos-hOnB9pH4
Restart Required: Yes
Instructions:
1. Review Cisco advisory for affected versions 2. Download and apply appropriate fixed software version 3. Reboot device after patching 4. Verify SSL VPN functionality
🔧 Temporary Workarounds
Disable SSL VPN
allTemporarily disable SSL VPN feature if not required
no webvpn
no enable outside
Restrict SSL VPN Access
allLimit SSL VPN access to trusted IP ranges using ACLs
access-list SSL_VPN_ACL permit ip <trusted_networks> any
access-group SSL_VPN_ACL in interface outside
🧯 If You Can't Patch
- Implement network segmentation to isolate SSL VPN traffic
- Deploy intrusion prevention systems to detect and block exploit attempts
🔍 How to Verify
Check if Vulnerable:
Check ASA/FTD version and SSL VPN configuration statusCheck Version:
show versionVerify Fix Applied:
Verify running version matches fixed version from Cisco advisory📡 Detection & Monitoring
Log Indicators:
- Unexpected device reloads
- SSL VPN connection failures
- Memory allocation errors
Network Indicators:
- Unusual SSL/TLS traffic patterns to VPN interface
- Multiple connection attempts with malformed packets
SIEM Query:
source="cisco_asa" AND (event_id="713172" OR message="%ASA-6-713172")