CVE-2023-20269: Cisco Adaptive Security Appliance and Firepower Threat
Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability. Cisco Adaptive Security Appliance and Firepower Threat Defense contain an unauthorized access vulnerability that could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or establish a clientless SSL VPN session with an unauthorized user.
- CISA KEV-listed (remediation due 2023-10-04)
- used in ransomware campaigns
- EPSS 1.2% (79.2% percentile)