PT-2024-9437 · Cisco · Cisco Ftd+1

Published: 2024-10-23 · Updated: 2025-08-06 · CVE-2024-20330

CVSS v3.1: 8.6 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
- Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances (affected versions not specified)
- Cisco Adaptive Security Appliance (ASA) (affected versions not specified)
Description: The vulnerability stems from improper memory management in the Snort TCP and UDP detection engine, which can corrupt memory when processing specific packets. An attacker could exploit it by sending crafted packets through an affected device, potentially causing a denial of service (DoS) condition in which the Snort detection engine restarts repeatedly. Only traffic inspected by the Snort detection engine is affected; the device itself remains manageable over the network. The memory corruption persists until the device is manually reloaded, so until then the Snort detection engine keeps crashing and dropping traffic.
Recommendations:
- Cisco Firepower Threat Defense (FTD) Software: at the moment, there is no information about a newer version that contains a fix for this vulnerability.
- Cisco Adaptive Security Appliance (ASA): at the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Access of Memory Location After End of Buffer


Weakness Enumeration

Related Identifiers

BDU:2024-11132
CVE-2024-20330

Affected Products

Cisco Asa
Cisco Ftd