CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: May 1, 2024
CVE-2024-20353
High
EPSS 19.5%CISA KEVDescription
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an infinite loop vulnerability that can lead to remote denial of service condition.
EPSS — Exploit Probability
19.5%
Higher than 95.3% of all CVEs
Required Action
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2; https://nvd.nist.gov/vuln/detail/CVE-2024-20353
Risk Assessment
ELEVATEDIn CISA KEV
Details
- Severity
- High
- EPSS
- 19.5%
- CISA KEV
- Yes
- Ransomware
- Unknown
- Articles
- 0
Timeline
Published
Apr 24, 2024
Added to KEV
Apr 24, 2024
Remediation Due
May 1, 2024
Affected Product
Cisco
Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
View all Cisco CVEs