⚠ Actively exploited in ransomware campaigns
This vulnerability is on the CISA Known Exploited Vulnerabilities list and has been used in known ransomware attacks. CISA required action: Apply mitigations per vendor instructions for group-lock and vpn-simultaneous-logins or discontinue use of the product for unsupported devices.. Due date: 2023-10-04.
CVE-2023-20269 — Authentication Bypass Using an Alternate Path or Channel in Cisco Adaptive Security Appliance Software
Severity
9.1CRITICALNVD
CNA5.0VulnCheck5.0
EPSS
0.8%
top 25.53%
CISA KEV
KEVRansomware
Added 2023-09-13
Due 2023-10-04
Exploit
Exploited in wild
Active exploitation observed
Affected products
Timeline
PublishedSep 6
KEV addedSep 13
KEV dueOct 4
Latest updateDec 2
CISA Required Action: Apply mitigations per vendor instructions for group-lock and vpn-simultaneous-logins or discontinue use of the product for unsupported devices.
Description
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user.
This vulnerability is due to improper separation of authentication, authorization, and accountin…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2
Affected Packages4 packages
🔴Vulnerability Details
3GHSA▶
GHSA-v7pw-9cmm-88m6: A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software↗2023-09-06
CVEList▶
CVE-2023-20269: A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software↗2023-09-06
VulnCheck▶
Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability↗2023