Cyber Resilience

CVE-2023-20070

Medium

Published: 01 November 2023
Modified: 21 November 2024
KEV Added: not listed
CVSS Score (v3.1): 4.0 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L)
EPSS Score: 0.0024 (47.2nd percentile)
Risk Priority: 8 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2023-20070 is a medium-severity Heap Inspection (CWE-244) vulnerability in Cisco Firepower Threat Defense. Its CVSS base score is 4.0 (Medium).

Operationally, it is ranked at the 47.2nd percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

Vulnerability details

A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability is due to a logic error in how memory allocations are handled during a TLS 1.3 session. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted TLS 1.3 message sequence through an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in a denial of service (DoS) condition. While the Snort detection engine reloads, packets going through the FTD device that are sent to the Snort detection engine will be dropped. The Snort detection engine will restart automatically. No manual intervention is required.

CWE(s): CWE-244

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Cisco Firepower Threat Defense: 7.2.0, 7.2.0.1

Mitigating Controls

Likely Mitigating Controls (AI-derived)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry. Note that the CVSS vector (C:N/A:L) and the vulnerability details describe an availability impact only, so the controls below address the cited weakness class (residual data in heap memory) rather than the denial-of-service impact observed for this CVE.

- addresses CWE-244: Forces clearing of heap memory contents prior to release, preventing subsequent processes from inspecting prior sensitive data.

- addresses CWE-244: Information management requirements drive clearing of sensitive contents from memory prior to release or reuse.