Cisco FTD Snort 3 Detection Engine Bypass Vulnerability (CVE-2024-20407)

### Key Information 1. **Vulnerability Description**: - **Vulnerability Name**: Cisco Firepower Threat Defense Software TCP Snort 3 Detection Engine Bypass Vulnerability - **Vulnerability ID**: cisco-sa-snort-bypass-PTry37fX - **CVE Number**: CVE-2024-20407 - **CWE Number**: CWE-399 - **CVSS Score**: Base 5.8 2. **Vulnerability Impact**: - **Affected Products**: Cisco FTD Software and Cisco FirePOWER Services - **Affected Versions**: Versions released on October 23, 2024 - **Affected Configurations**: Systems configured with maximum embryonic connections, using the Snort 3 detection engine. 3. **Exploitation**: - **Exploitation Method**: By sending specific traffic patterns, unauthorized remote attackers can bypass configured policies. - **Impact**: Allows unauthorized traffic to enter protected networks. 4. **Remediation**: - **Fix Released**: Cisco has released software updates to address this vulnerability. - **Workaround**: A workaround is provided, including disabling specific CLI commands. 5. **Affected Products List**: - **Confirmed Affected Products**: - Cisco Adaptive Security Appliance (ASA) Software - Cisco Secure Firewall Management Center (FMC) Software - Open Source Snort 2 - Open Source Snort 3 6. **Affected Products List**: - **Confirmed Unaffected Products**: - Cisco Adaptive Security Appliance (ASA) Software - Cisco Secure Firewall Management Center (FMC) Software - Open Source Snort 2 - Open Source Snort 3 7. **Workaround Measures**: - **Disable Specific CLI Command**: ```plaintext FTD# no asp inspect-dp pkt-decode-optimization FTD# ``` 8. **Affected Products List**: - **Confirmed Affected Products**: - Cisco Adaptive Security Appliance (ASA) Software - Cisco Secure Firewall Management Center (FMC) Software - Open Source Snort 2 - Open Source Snort 3 9. **Affected Products List**: - **Confirmed Unaffected Products**: - Cisco Adaptive Security Appliance (ASA) Software - Cisco Secure Firewall Management Center (FMC) Software - Open Source Snort 2 - Open Source Snort 3 10. **Affected Products List**: - **Confirmed Affected Products**: - Cisco Adaptive Security Appliance (ASA) Software - Cisco Secure Firewall Management Center (FMC) Software - Open Source Snort 2 - Open Source Snort 3 11. **Affected Products List**: - **Confirmed Unaffected Products**: - Cisco Adaptive Security Appliance (ASA) Software - Cisco Secure Firewall Management Center (FMC) Software - Open Source Snort 2 - Open Source Snort 3 12. **Affected Products List**: - **Confirmed Affected Products**: - Cisco Adaptive Security Appliance (ASA) Software - Cisco Secure Firewall Management Center (FMC) Software - Open Source Snort 2 - Open Source Snort 3 13. **Affected Products List**: - **Confirmed Unaffected Products**: - Cisco Adaptive Security Appliance (ASA) Software - Cisco Secure Firewall Management Center (FMC) Software - Open Source Snort 2 - Open Source Snort 3 14. **Affected Products List**: - **Confirmed Affected Products**: - Cisco Adaptive Security Appliance (ASA) Software - Cisco Secure Firewall Management Center (FMC) Software - Open Source Snort 2 - Open Source Snort 3 15. **Affected Products List**: - **Confirmed Unaffected Products**: - Cisco Adaptive Security Appliance (ASA) Software - Cisco Secure Firewall Management Center (FMC) Software - Open Source Snort 2 - Open Source Snort 3 16. **Affected Products List**: - **Confirmed Affected Products**: - Cisco Adaptive Security Appliance (ASA) Software - Cisco Secure Firewall Management Center (FMC) Software - Open Source Snort 2 - Open Source Snort 3 17. **Affected Products List**: - **Confirmed Unaffected Products**: - Cisco Adaptive Security Appliance (ASA) Software - Cisco Secure Firewall Management Center (FMC) Software - Open Source Snort 2 - Open Source Snort 3 18. **Affected Products List**: - **Confirmed Affected Products**: - Cisco Adaptive Security Appliance (ASA) Software - Cisco Secure Firewall Management Center (FMC) Software - Open Source Snort 2 - Open Source Snort 3 19. **Affected Products List**: - **Confirmed Unaffected Products**: - Cisco Adaptive Security Appliance (ASA) Software - Cisco Secure Firewall Management Center (FMC) Software - Open Source Snort 2 - Open Source Snort 3 20. **Affected Products List**: - **Confirmed Affected Products**: - Cisco Adaptive Security Appliance (ASA) Software - Cisco Secure Firewall Management Center (FMC) Software - Open Source Snort 2 - Open Source Snort 3 21. **Affected Products List**: - **Confirmed Unaffected Products**: - Cisco Adaptive Security Appliance (ASA) Software - Cisco Secure Firewall Management Center (FMC) Software - Open Source Snort 2 - Open Source Snort 3 22. **Affected Products List**: - **Confirmed Affected Products**: - Cisco Adaptive Security Appliance (ASA) Software - Cisco Secure Firewall Management Center (FMC) Software - Open Source Snort 2 - Open Source Snort 3 23. **Affected Products List**: - **Confirmed Unaffected Products**: - Cisco Adaptive Security Appliance (ASA) Software -

Goal Reached Thanks to every supporter — we hit 100%!

Cisco FTD Snort 3 Detection Engine Bypass Vulnerability (CVE-2024-20407)