# CVE-2023-20269

> A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features

- **CVSS:** 5 (MEDIUM)
- **EPSS:** 0.9%
- **CISA KEV:** yes (known ransomware use)
- **CWE:** CWE-288

Canonical: https://intel.threadlinqs.com/cve/CVE-2023-20269
Full threat coverage + IOCs via the Threadlinqs MCP server (Purple tier): https://intel.threadlinqs.com/mcp