CVE-2024-20293

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified) Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description A logic error in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the protection offered by a configured ACL on an affected device. This issue affects both IPv4 and IPv6 traffic, as well as dual-stack ACL configurations. An attacker could exploit this by sending traffic through the affected device that should be denied by the configured ACL, potentially allowing access to trusted networks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.