CVE-2024-20330
HIGHDescription
A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause memory corruption, which could cause the Snort detection engine to restart unexpectedly. This vulnerability is due to improper memory management when the Snort detection engine processes specific TCP or UDP packets. An attacker could exploit this vulnerability by sending crafted TCP or UDP packets through a device that is inspecting traffic using the Snort detection engine. A successful exploit could allow the attacker to restart the Snort detection engine repeatedly, which could cause a denial of service (DoS) condition. The DoS condition impacts only the traffic through the device that is examined by the Snort detection engine. The device can still be managed over the network. Note: Once a memory block is corrupted, it cannot be cleared until the Cisco Firepower 2100 Series Appliance is manually reloaded. This means that the Snort detection engine could crash repeatedly, causing traffic that is processed by the Snort detection engine to be dropped until the device is manually reloaded.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_threat_defense |
| cisco | firepower_2100 |
| cisco | firepower_2110 |
| cisco | firepower_2120 |
| cisco | firepower_2130 |
| cisco | firepower_2140 |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-20330? +
How severe is CVE-2024-20330? +
What products are affected by CVE-2024-20330? +
How do I check if I'm vulnerable to CVE-2024-20330? +
Related Vulnerabilities
Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised …
A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) …
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, …
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.5. Processing a file may …
NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end …
Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of …