Multiple vulnerabilities in Cisco products (April 25, 2024)
Actively exploited. At least one CVE in this advisory is listed in the CISA Known Exploited Vulnerabilities catalog — exploitation has been observed in the wild. Treat remediation as urgent.
On April 24, 2024, Cisco published three security advisories regarding vulnerabilities affecting ASA and FTD security equipment. Two of them concern vulnerabilities CVE-2024-20353 and CVE-2024-20359 which are actively exploited in targeted attacks. The vulnerability...
CSIRTS triage
- What
- Multiple vulnerabilities affecting Cisco ASA and FTD security equipment are actively exploited in targeted attacks.
- Who is affected
- Deployments of Cisco ASA and FTD security equipment are affected.
- Urgency
- Remediation is urgent due to active exploitation of the vulnerabilities.
- Action
- Refer to Cisco's advisories for specific patches and mitigations.
AI-assisted analysis generated from the source advisory — verify against the original.
Details
Original advisory: https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-007/
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Exploitation confirmedCVE-2024-20353Already exploited in the wild (CISA KEV) — the prediction phase is over. Patch now. Riskier than 99% of all scored CVEs.
- Exploitation confirmedCVE-2024-20359Already exploited in the wild (CISA KEV) — the prediction phase is over. Patch now. Riskier than 97% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2024-20353 | coverage & exploitation status | NVD · CVE.org |
| CVE-2024-20359 | coverage & exploitation status | NVD · CVE.org |
Same CVEs, other sources
How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.
- criticalexploitedCVE-2024-20359: Cisco ASA and FTD Privilege Escalation Vulnerabilitycisa-kev
- criticalexploitedCVE-2024-20353: Cisco ASA and FTD Denial of Service Vulnerabilitycisa-kev
Recent advisories for Cisco products
A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.
- highClamAV Vulnerabilities Affecting Cisco Products: July 2026cisco-psirt · 2026-07-02
- unknownMultiple vulnerabilities in Cisco products (July 2, 2026)cert-fr-avis · 2026-07-02
- criticalexploited2026-002: Multiple Vulnerabilities in Cisco Productscert-eu · 2026-02-26
- criticalexploitedCVE-2026-20045: Cisco Unified Communications Products Code Injection Vulnerabilitycisa-kev · 2026-01-21
- criticalexploitedCVE-2025-20393: Cisco Multiple Products Improper Input Validation Vulnerabilitycisa-kev · 2025-12-17
More from CERT-FR Alertes de sécurité
- unknown[Update] Vulnerability in Microsoft Exchange Server (May 15, 2026)2026-05-15
- unknownVulnerability in F5 BIG-IP Access Policy Manager (March 31, 2026)2026-03-31
- unknownAlert note – Targeting instant messaging accounts (March 20, 2026)2026-03-20
- unknown[Update] Vulnerability in Cisco Catalyst SD-WAN (February 25, 2026)2026-02-25
- unknown[Update] Multiple vulnerabilities in Ivanti Endpoint Manager Mobile (January 30, 2026)2026-01-30