CVE-2024-20502

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published: Oct 2, 2024
Updated: Oct 8, 2024
CWE ID 400

Summary

CVE-2024-20502 is a high-severity vulnerability in the Cisco AnyConnect VPN server on Cisco Meraki MX and Z Series Teleworker Gateway devices that could allow an unauthenticated remote attacker to cause a denial-of-service (DoS) condition. The issue stems from insufficient resource management during SSL VPN session establishment: by sending specially crafted HTTPS requests, an attacker can prevent the server from accepting new SSL VPN connections, while already established sessions are not affected. The impact is a significant disruption of VPN service for new connections, which persists only as long as the attack traffic continues; once it stops, the server recovers automatically without manual intervention. Organizations are advised to review the vendor's advisory for remediation steps and ensure their devices are updated accordingly. The vulnerability carries a CVSS base score of 7.5 with an exploitability score of 3.9, reflecting low attack complexity and no requirement for privileges or user interaction.

