Rewterz Threat Advisory – Multiple Google Android Vulnerabilities
December 6, 2023Rewterz Threat Advisory – Multiple Zyxel Products Vulnerabilities
December 6, 2023Rewterz Threat Advisory – Multiple Google Android Vulnerabilities
December 6, 2023Rewterz Threat Advisory – Multiple Zyxel Products Vulnerabilities
December 6, 2023Severity
Medium
Analysis Summary
CVE-2023-20275
Cisco Adaptive Security Appliance and Firepower Threat Defense Software could allow a remote authenticated attacker to bypass security restrictions, caused by improper validation of the packet’s inner source IP address after decryption. By sending specially crafted packets through the tunnel, an attacker could exploit this vulnerability to send a packet impersonating another VPN user’s IP address.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-20275
Affected Vendors
Cisco
Affected Products
- Cisco Firepower Threat Defense (FTD) Software
- Cisco Adaptive Security Appliance
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.