PT-2023-7127 · Cisco · Cisco Ftd

Published: 2023-10-27 · Updated: 2024-01-25 · CVE-2023-20070

CVSS v3.1: 4.0 (Medium)

Vector: AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description: The issue is related to a logic error in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software, specifically in how memory allocations are handled during a TLS 1.3 session. This could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart by sending a crafted TLS 1.3 message sequence through an affected device. A successful exploit could result in a denial of service (DoS) condition, causing packets to be dropped while the Snort detection engine reloads. The Snort detection engine will restart automatically without requiring manual intervention.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Resource Release

Related Identifiers

BDU:2023-08154
CVE-2023-20070

Affected Products

Cisco Ftd