Strix
26.1K

CVE-2020-3254

HIGHCVSS 7.5/10EPSS 1.92%

Last modified

CVE-2020-3254 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP) inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerabilities are due to inefficient memory management. EPSS estimates a 1.92% chance of exploitation in the next 30 days.

Description

Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP) inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerabilities are due to inefficient memory management. An attacker could exploit these vulnerabilities by sending crafted MGCP packets through an affected device. An exploit could allow the attacker to cause memory exhaustion resulting in a restart of an affected device, causing a DoS condition for traffic traversing the device.

Metrics

CVSS 3.1
7.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Probability
1.92%

77.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoFirepower Threat Defense>= 6.2.3, < 6.2.3.16
CiscoFirepower Threat Defense>= 6.3.0, < 6.3.0.6
CiscoFirepower Threat Defense>= 6.4.0, < 6.4.0.4
CiscoAsa 5505 Firmware9.10\(1.3\)
CiscoAsa 5510 Firmware9.10\(1.3\)
CiscoAsa 5512-X Firmware9.10\(1.3\)
CiscoAsa 5515-X Firmware9.10\(1.3\)
CiscoAsa 5520 Firmware9.10\(1.3\)
CiscoAsa 5525-X Firmware9.10\(1.3\)
CiscoAsa 5540 Firmware9.10\(1.3\)
CiscoAsa 5545-X Firmware9.10\(1.3\)
CiscoAsa 5550 Firmware9.10\(1.3\)
CiscoAsa 5555-X Firmware9.10\(1.3\)
CiscoAsa 5580 Firmware9.10\(1.3\)
CiscoAsa 5585-X Firmware9.10\(1.3\)
CiscoAdaptive Security Appliance Software>= 9.6, < 9.6.4.34
CiscoAdaptive Security Appliance Software>= 9.8, < 9.8.4.7
CiscoAdaptive Security Appliance Software>= 9.9, < 9.9.2.66
CiscoAdaptive Security Appliance Software>= 9.10, < 9.10.1.27
CiscoAdaptive Security Appliance Software>= 9.12, < 9.12.2.1

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2020-3254?
Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP) inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerabilities are due to inefficient memory management. An attacker could exploit these vulnerabilities by sending crafted MGCP packets through an affected device. An exploit could allow the attacker to cause memory exhaustion resulting in a restart of an affected device, causing a DoS condition for traffic traversing the device.
How severe is CVE-2020-3254?
CVE-2020-3254 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 1.92% probability of exploitation in the next 30 days.
How do I fix CVE-2020-3254?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-3254?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST