PT-2024-9128 · Cisco · Cisco Asa+1

Published: 2024-10-23 · Updated: 2025-08-01 · CVE-2024-20297

CVSS v3.1: 5.8 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions:
Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified)
Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description: A logic error in the AnyConnect firewall could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL), letting traffic that should have been denied flow through an affected device. The issue is triggered when an AnyConnect client establishes a new session toward an affected device: an attacker who establishes an AnyConnect connection to the device could thereby bypass the configured ACL rules. The vulnerability is also classified as an authentication bypass by spoofing, allowing a remote attacker to circumvent existing security restrictions.

Recommendations: For Cisco Adaptive Security Appliance (ASA) Software, update to a version that includes a fix for this issue. For Cisco Firepower Threat Defense (FTD) Software, update to a version that includes a fix for this issue. As a temporary workaround, restrict AnyConnect connections to the affected device to reduce the exposure to exploitation.

Weakness Enumeration

Authentication Bypass by Spoofing

Related Identifiers

BDU:2024-10815
CVE-2024-20297

Affected Products

Cisco Asa
Cisco Ftd