CVE-2024-20481
MEDIUM CISA KEVDescription
A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN service. This vulnerability is due to resource exhaustion. An attacker could exploit this vulnerability by sending a large number of VPN authentication requests to an affected device. A successful exploit could allow the attacker to exhaust resources, resulting in a DoS of the RAVPN service on the affected device. Depending on the impact of the attack, a reload of the device may be required to restore the RAVPN service. Services that are not related to VPN are not affected. Cisco Talos discussed these attacks in the blog post Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials.
CVSS v3.1 Score
5.8
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild.
Added: Oct 24, 2024
Remediation due: Nov 14, 2024
Weakness Type (CWE)
CWE-772
CWE-772
Affected Products
| Vendor | Product |
|---|---|
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | firepower_threat_defense_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
| cisco | adaptive_security_appliance_software |
References
Frequently Asked Questions
What is CVE-2024-20481? +
A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN service.
This vulnerability is due to resource exhaustion. An attacker could exploit this vulnerability by sending a large number of VPN authentication requests to an affected device. A successful exploit could allow the attacker to exhaust resources, resulting in a DoS of the RAVPN service on the affected device. Depending on the impact of the attack, a reload of the device may be required to restore the RAVPN service. Services that are not related to VPN are not affected.
Cisco Talos discussed these attacks in the blog post Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials. It has a CVSS v3.1 base score of 5.8 (MEDIUM). This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog, indicating active exploitation in the wild.
How severe is CVE-2024-20481? +
CVE-2024-20481 has a CVSS v3.1 score of 5.8 out of 10, rated MEDIUM. This is a medium-severity vulnerability that should be remediated as part of regular maintenance.
What products are affected by CVE-2024-20481? +
CVE-2024-20481 affects products from cisco, specifically: adaptive_security_appliance_software, firepower_threat_defense_software. Check the affected products table above for specific version ranges.
How do I check if I'm vulnerable to CVE-2024-20481? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.
Related Vulnerabilities
CVE-2025-3864
Hackney fails to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. Remote attackers can exploit …
CVE-2025-65947
thread-amount is a tool that gets the amount of threads in the current process. Prior to version 0.2.2, there are …
CVE-2026-35227
An unauthenticated remote attacker may exhaust all available TCP connections in the CODESYS Modbus TCP Server stack if a race …
CVE-2024-2398
8.6
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the …
CVE-2025-30256
8.6
A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted …
CVE-2025-24120
7.5
This issue was addressed by improved management of object lifetimes. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma …