📦 Firepower Threat Defense

by Cisco

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2025-20333

CRITICAL CVSS 9.9 Sep 25, 2025

This critical vulnerability in Cisco ASA and FTD VPN web servers allows authenticated remote attackers to execute arbitrary code as root. Attackers with valid VPN credentials can exploit improper inpu...

CVE-2025-20363

CRITICAL CVSS 9.0 Sep 25, 2025

This critical vulnerability allows remote attackers to execute arbitrary code with root privileges on affected Cisco devices. Unauthenticated attackers can exploit Cisco ASA/FTD devices, while authent...

CVE-2024-20412

CRITICAL CVSS 9.3 Oct 23, 2024

This vulnerability allows unauthenticated local attackers to access Cisco Firepower Threat Defense devices using static hard-coded credentials. Attackers can retrieve sensitive information, modify con...

CVE-2021-44228

CRITICAL CVSS 10.0 Dec 10, 2021

CVE-2021-44228 (Log4Shell) is a critical remote code execution vulnerability in Apache Log4j2 that allows attackers to execute arbitrary code by exploiting JNDI lookups in log messages. This affects a...

CVE-2025-20182

HIGH CVSS 8.6 May 7, 2025

An unauthenticated remote attacker can cause affected Cisco network devices to crash and reload by sending specially crafted IKEv2 protocol messages. This vulnerability affects Cisco ASA, FTD, IOS, an...

CVE-2022-20685

HIGH CVSS 7.5 Nov 15, 2024

An integer overflow vulnerability in Snort's Modbus preprocessor allows remote attackers to cause denial of service by sending crafted Modbus traffic. This affects devices running vulnerable Snort ver...

CVE-2024-20494

HIGH CVSS 8.6 Oct 23, 2024

A TLS 1.3 handshake vulnerability in Cisco ASA and FTD software allows unauthenticated remote attackers to trigger a device reload, causing denial of service. This affects organizations using affected...

CVE-2024-20408

HIGH CVSS 7.7 Oct 23, 2024

This vulnerability allows authenticated remote attackers with VPN credentials to crash Cisco ASA/FTD devices via crafted HTTPS POST requests, causing denial of service. It affects systems with Dynamic...

CVE-2024-20402

HIGH CVSS 8.6 Oct 23, 2024

A memory management flaw in Cisco ASA and FTD SSL VPN allows unauthenticated remote attackers to trigger device reboots via crafted SSL/TLS packets, causing denial of service. This affects organizatio...

CVE-2024-20268

HIGH CVSS 7.7 Oct 23, 2024

A vulnerability in Cisco ASA and FTD software allows authenticated remote attackers to cause denial of service by sending crafted SNMP packets. The insufficient input validation in SNMP feature enable...

CVE-2023-20083

HIGH CVSS 8.6 Nov 1, 2023

A vulnerability in Cisco Firepower Threat Defense (FTD) Software's ICMPv6 inspection with Snort 2 allows remote attackers to cause 100% CPU usage via crafted ICMPv6 packets, resulting in a denial of s...

CVE-2023-20086

HIGH CVSS 8.6 Nov 1, 2023

An unauthenticated remote attacker can send crafted ICMPv6 messages to Cisco ASA or FTD devices with IPv6 enabled, causing the device to reload and creating a denial of service condition. This affects...

CVE-2023-20244

HIGH CVSS 8.6 Nov 1, 2023

An unauthenticated remote attacker can send crafted packets to Cisco Firepower Threat Defense (FTD) Software on Firepower 2100 Series Firewalls, causing a denial of service by depleting memory blocks....

CVE-2023-44487

HIGH CVSS 7.5 Oct 10, 2023

CVE-2023-44487 is an HTTP/2 protocol vulnerability that allows attackers to cause denial of service by rapidly resetting streams, consuming server resources. This affects any system using HTTP/2, incl...

CVE-2023-20107

HIGH CVSS 7.5 Mar 23, 2023

This vulnerability allows unauthenticated remote attackers to discover private cryptographic keys on affected Cisco ASA/FTD devices due to insufficient entropy in the random number generator. Attacker...

CVE-2022-20715

HIGH CVSS 8.6 May 3, 2022

This vulnerability allows an unauthenticated remote attacker to cause a denial of service (DoS) by sending crafted requests to the SSL VPN features of Cisco ASA and FTD software, potentially forcing t...

CVE-2022-20742

HIGH CVSS 7.4 May 3, 2022

This vulnerability allows an unauthenticated remote attacker in a man-in-the-middle position to decrypt, read, modify, and re-encrypt data transmitted across affected IPsec IKEv2 VPN tunnels. It affec...

CVE-2022-20745

HIGH CVSS 8.6 May 3, 2022

An unauthenticated remote attacker can cause a denial of service (DoS) by sending a crafted HTTPS request to Cisco ASA or FTD devices with web services interface for remote access VPN enabled. This af...

CVE-2022-20751

HIGH CVSS 8.6 May 3, 2022

This vulnerability in Cisco Firepower Threat Defense (FTD) Software allows an unauthenticated remote attacker to cause a denial of service (DoS) by exploiting insufficient memory management in the Sno...

CVE-2022-20759

HIGH CVSS 8.8 May 3, 2022

This vulnerability allows authenticated but unprivileged remote attackers to escalate privileges to level 15 (highest administrative level) on Cisco ASA and FTD devices via the web services interface....

CVE-2022-20767

HIGH CVSS 8.6 May 3, 2022

This vulnerability allows unauthenticated remote attackers to cause denial of service on Cisco Firepower Threat Defense devices by sending crafted UDP packets that trigger improper DNS reputation rule...

CVE-2021-1573

HIGH CVSS 8.6 Jan 11, 2022

An unauthenticated remote attacker can send a malicious HTTPS request to Cisco ASA or FTD devices, causing them to reload and creating a denial of service condition. This affects devices with the web ...

CVE-2021-34762

HIGH CVSS 8.1 Oct 27, 2021

This vulnerability allows authenticated attackers to perform directory traversal attacks on Cisco Firepower Management Center (FMC) Software via the web management interface. Attackers can read or wri...

CVE-2021-34781

HIGH CVSS 8.6 Oct 27, 2021

This vulnerability in Cisco Firepower Threat Defense (FTD) Software allows unauthenticated remote attackers to cause denial of service by flooding SSH connections. The attack exhausts system resources...

CVE-2021-34792

HIGH CVSS 8.6 Oct 27, 2021

This vulnerability allows unauthenticated remote attackers to cause a denial of service (DoS) by overwhelming Cisco ASA and FTD devices with excessive connections. The improper resource management cau...

CVE-2021-40116

HIGH CVSS 8.6 Oct 27, 2021

This vulnerability in Cisco products with Snort3 configured allows unauthenticated remote attackers to cause denial of service by sending crafted IP packets. The attack causes through traffic to be dr...

CVE-2021-40118

HIGH CVSS 8.6 Oct 27, 2021

An unauthenticated remote attacker can send a malicious HTTPS request to Cisco ASA/FTD devices to trigger a denial of service condition, causing the device to reload. This affects Cisco Adaptive Secur...

CVE-2021-1422

HIGH CVSS 7.7 Jul 16, 2021

A logic error in Cisco ASA and FTD software cryptography modules allows authenticated remote attackers or unauthenticated man-in-the-middle attackers to cause a denial of service by sending malicious ...

CVE-2021-1448

HIGH CVSS 7.8 Apr 29, 2021

This vulnerability allows authenticated local attackers on Cisco Firepower Threat Defense devices running in multi-instance mode to execute arbitrary commands with root privileges. Attackers can explo...

CVE-2021-1493

HIGH CVSS 8.5 Apr 29, 2021

This vulnerability allows authenticated remote attackers to trigger a buffer overflow in Cisco ASA and FTD software web services interface by sending malicious HTTP requests. Successful exploitation c...

CVE-2021-1501

HIGH CVSS 8.6 Apr 29, 2021

This vulnerability allows unauthenticated remote attackers to cause a denial of service by sending crafted SIP traffic through affected Cisco ASA and FTD devices. The vulnerability triggers a crash du...

CVE-2021-1402

HIGH CVSS 8.6 Apr 29, 2021

An unauthenticated remote attacker can send crafted SSL/TLS messages through Cisco Firepower Threat Defense devices performing software-based SSL decryption, causing a process crash that triggers a de...

CVE-2024-20431

MEDIUM CVSS 5.8 Oct 23, 2024

This vulnerability in Cisco Firepower Threat Defense (FTD) Software allows unauthenticated remote attackers to bypass geolocation-based access control policies by sending traffic through affected devi...

CVE-2024-20407

MEDIUM CVSS 5.8 Oct 23, 2024

This vulnerability allows unauthenticated remote attackers to bypass security policies on Cisco Firepower Threat Defense devices by exploiting a logic error in TCP Intercept handling with Snort 3. Onl...

CVE-2024-20384

MEDIUM CVSS 5.8 Oct 23, 2024

A logic error in Cisco ASA and FTD software's Network Service Group ACL implementation allows unauthenticated remote attackers to bypass configured access control rules. This affects organizations usi...

CVE-2024-20355

MEDIUM CVSS 5.0 May 22, 2024

This vulnerability allows authenticated remote attackers to bypass SAML authorization controls in Cisco ASA/FTD VPN services. Attackers can intercept their valid SAML token and reuse it to connect thr...

CVE-2024-20363

MEDIUM CVSS 5.8 May 22, 2024

This vulnerability allows unauthenticated remote attackers to bypass Cisco Snort IPS rules by sending specially crafted HTTP packets. Affected systems include Cisco Firepower Threat Defense, Secure Fi...

CVE-2024-20261

MEDIUM CVSS 5.8 May 22, 2024

A vulnerability in Cisco Firepower Threat Defense (FTD) software allows attackers to bypass file policies that should block encrypted archive files. Unauthenticated remote attackers can send crafted e...