PT-2024-7507 · Cisco · Snort
Published: 2024-10-23 · Updated: 2025-08-05 · CVE-2024-20407
CVSS v3.1: 5.8 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)
Description: A logic error in how the TCP Intercept feature interacts with the Snort 3 detection engine could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. The flaw stems from incorrect handling of embryonic (half-open) TCP connections. An attacker could exploit it by sending a crafted traffic pattern through an affected device, potentially allowing unintended traffic to enter the network. The vulnerability may also be related to an incorrectly configured Maximum Embryonic TCP connections limit, which could enable a remote attacker to bypass security restrictions and carry out a SYN flood attack.
Recommendations: At the time of writing, no information is available about a newer version that fixes this vulnerability.

Weakness Enumeration

Related Identifiers

BDU:2024-08896
CVE-2024-20407

Affected Products

Cisco FTD
Snort