CVE-2024-20330

HIGH EPSS 47.2%
Published Oct 23, 20241y ago · Modified Jun 17, 20261w ago
7.5 CVSS 3.1
High
Find Similar
Published Oct 23, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause memory corruption, which could cause the Snort detection engine to restart unexpectedly. This vulnerability is due to improper memory management when the Snort detection engine processes specific TCP or UDP packets. An attacker could exploit this vulnerability by sending crafted TCP or UDP packets through a device that is inspecting traffic using the Snort detection engine. A successful exploit could allow the attacker to restart the Snort detection engine repeatedly, which could cause a denial of service (DoS) condition. The DoS condition impacts only the traffic through the device that is examined by the Snort detection engine. The device can still be managed over the network. Note: Once a memory block is corrupted, it cannot be cleared until the Cisco Firepower 2100 Series Appliance is manually reloaded. This means that the Snort detection engine could crash repeatedly, causing traffic that is processed by the Snort detection engine to be dropped until the device is manually reloaded.

CVSS Details

Base Score
7.5
Exploitability
3.9
Impact
3.6
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
47.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-788

Affected Products 42

VendorProductVersionRange
ciscofirepower_threat_defense7.0.0.0any
ciscofirepower_threat_defense7.0.0.1any
ciscofirepower_threat_defense7.0.1any
ciscofirepower_threat_defense7.0.1.1any
ciscofirepower_threat_defense7.0.2any
ciscofirepower_threat_defense7.0.2.1any
ciscofirepower_threat_defense7.0.3any
ciscofirepower_threat_defense7.0.4any
ciscofirepower_threat_defense7.0.5any
ciscofirepower_threat_defense7.0.6any
ciscofirepower_threat_defense7.0.6.1any
ciscofirepower_threat_defense7.0.6.2any
ciscofirepower_threat_defense7.0.6.3any
ciscofirepower_threat_defense7.1.0any
ciscofirepower_threat_defense7.1.0.1any
ciscofirepower_threat_defense7.1.0.3any
ciscofirepower_threat_defense7.2.0any
ciscofirepower_threat_defense7.2.0.1any
ciscofirepower_threat_defense7.2.1any
ciscofirepower_threat_defense7.2.2any
ciscofirepower_threat_defense7.2.3any
ciscofirepower_threat_defense7.2.4any
ciscofirepower_threat_defense7.2.4.1any
ciscofirepower_threat_defense7.2.5any
ciscofirepower_threat_defense7.2.5.1any
ciscofirepower_threat_defense7.2.5.2any
ciscofirepower_threat_defense7.2.6any
ciscofirepower_threat_defense7.2.7any
ciscofirepower_threat_defense7.2.8any
ciscofirepower_threat_defense7.2.8.1any
ciscofirepower_threat_defense7.3.0any
ciscofirepower_threat_defense7.3.1any
ciscofirepower_threat_defense7.3.1.1any
ciscofirepower_threat_defense7.3.1.2any
ciscofirepower_threat_defense7.4.1any
ciscofirepower_threat_defense7.4.1.1any
ciscofirepower_threat_defense7.4.2any
ciscofirepower_2100*any
ciscofirepower_2110*any
ciscofirepower_2120*any
ciscofirepower_2130*any
ciscofirepower_2140*any

References 3

  • sec.cloudapps.cisco.com https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO
    Broken Link
  • sec.cloudapps.cisco.com https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd2100-snort-dos-M9HuMt75
    Vendor Advisory
  • sec.cloudapps.cisco.com https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.