CVE-2023-20070
Summary
A vulnerability in the TLS 1.3 implementation of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated remote attacker to cause the Snort 3 detection engine to restart. The flaw is a logic error in memory allocation handling during TLS 1.3 sessions; triggering it causes a denial of service condition in which packets are dropped while the engine reloads.
IFF Assessment
This vulnerability allows an attacker to disrupt network security monitoring, impacting the ability of defenders to detect and respond to threats.
Severity
Defender Context
This vulnerability allows a denial of service against critical network inspection components, meaning defenders could lose visibility into network traffic while the detection engine is reloading. Organizations using Cisco FTD should patch this vulnerability promptly and monitor for any signs of exploitation targeting their TLS 1.3 configurations, including unexpected Snort 3 engine restarts.