PT-2023-7545 · Cisco · Cisco Asa+1

Ta-Lun Yen

·

Published

2023-12-05

·

Updated

2024-01-25

·

CVE-2023-20275

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified)
Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description

A vulnerability in the AnyConnect SSL VPN feature of Cisco ASA Software and Cisco FTD Software could allow an authenticated, remote attacker (an established VPN user) to send packets into the protected network with another VPN user's source IP address. The vulnerability is due to improper validation of a packet's inner source IP address after decryption: the device did not check that the source address inside the decrypted tunnel packet matched the address assigned to the session that sent it. An attacker could exploit this by sending crafted packets through their own tunnel to impersonate another VPN user's IP address. The attacker cannot receive return packets, so the impact is limited to integrity (C:N, I:L in the vector above), not disclosure of the other user's traffic.

Recommendations

For Cisco Adaptive Security Appliance (ASA) Software, update to a release that includes the fix for this issue, as listed in the vendor advisory for CVE-2023-20275.
For Cisco Firepower Threat Defense (FTD) Software, update to a release that includes the fix for this issue, as listed in the vendor advisory for CVE-2023-20275.
As a temporary measure until the fix can be applied, consider restricting access to the AnyConnect SSL VPN feature.
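The check that the advisory says was missing is small, and its absence is easiest to see in a model of the decapsulation step. The following is an added example written for this page, not Cisco code: a toy VPN concentrator that decrypts (here: already-decrypted) tunnel packets from a client session and decides whether to forward the inner packet. The session table, addresses and packets are constructed for the example; `forward_unchecked` mirrors the flawed behaviour described above, and `forward_checked` adds the inner-source validation.

```python
"""
Added example (not Cisco's code): model of the SSL VPN decapsulation step
behind CVE-2023-20275. After decryption the concentrator holds an inner IP
packet supplied by the client. The flaw is forwarding it without checking
that its source address is the one assigned to the sending session, which
lets one VPN user inject packets that carry another user's tunnel IP.
All session ids and addresses below are constructed for the example.
"""
import ipaddress
import struct

# Constructed session table: session id -> tunnel address assigned from the VPN pool.
SESSIONS = {
    "sess-alice": ipaddress.IPv4Address("10.10.0.5"),
    "sess-bob": ipaddress.IPv4Address("10.10.0.6"),
}


def build_ipv4(src, dst, payload=b""):
    """Build a minimal IPv4 header (IHL=5, no options) so the example runs offline.

    Field order: version/IHL, TOS, total length, id, flags/fragment offset,
    TTL, protocol (17 = UDP), header checksum (left zero), src, dst.
    """
    ver_ihl = (4 << 4) | 5
    total_len = 20 + len(payload)
    header = struct.pack(
        "!BBHHHBBH4s4s",
        ver_ihl, 0, total_len, 0, 0, 64, 17, 0,
        ipaddress.IPv4Address(src).packed,
        ipaddress.IPv4Address(dst).packed,
    )
    return header + payload


def inner_source(packet):
    """Return the inner source address of a decrypted packet (IPv4 or IPv6).

    The version nibble selects the header layout; truncated headers are
    rejected rather than read past the end of the buffer.
    """
    if not packet:
        raise ValueError("empty packet")
    version = packet[0] >> 4
    if version == 4:
        if len(packet) < 20:
            raise ValueError("truncated IPv4 header")
        return ipaddress.IPv4Address(packet[12:16])
    if version == 6:
        if len(packet) < 40:
            raise ValueError("truncated IPv6 header")
        return ipaddress.IPv6Address(packet[8:24])
    raise ValueError(f"unsupported IP version {version}")


def forward_unchecked(session_id, decrypted):
    """Flawed behaviour: forward whatever inner source the client put in the packet."""
    return ("forward", str(inner_source(decrypted)))


def forward_checked(session_id, decrypted):
    """Hardened behaviour: the inner source must equal the session's assigned address."""
    try:
        src = inner_source(decrypted)
    except ValueError as exc:
        return ("drop", f"malformed: {exc}")
    assigned = SESSIONS.get(session_id)
    if assigned is None:
        return ("drop", "unknown session")
    if src != assigned:
        # This comparison is the missing validation: the packet claims a
        # tunnel address that was not assigned to the session that sent it.
        return ("drop", f"spoofed inner source {src} (session owns {assigned})")
    return ("forward", str(src))


if __name__ == "__main__":
    # Bob's session emits a packet whose inner source is Alice's tunnel IP.
    spoofed = build_ipv4("10.10.0.5", "192.0.2.10", b"hello")
    legit = build_ipv4("10.10.0.6", "192.0.2.10", b"hello")
    print("unchecked:", forward_unchecked("sess-bob", spoofed))
    print("checked  :", forward_checked("sess-bob", spoofed))
    print("checked  :", forward_checked("sess-bob", legit))
```

Return traffic is what bounds the impact: the concentrator routes packets destined for 10.10.0.5 to the session that owns that address, so replies to the spoofed packet go to the victim's tunnel, not the attacker's, which is why the advisory states the attacker cannot receive return packets and rates only integrity as affected. The per-session check also has to cover whatever address families the tunnel carries, which is why `inner_source` handles both IPv4 and IPv6 rather than assuming one.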

Fix

Weakness Enumeration

Insufficient Verification of Data Authenticity
Origin Validation Error
Information Disclosure

Related Identifiers

BDU:2023-08600
CVE-2023-20275

Affected Products

Cisco ASA
Cisco FTD