# CVE-2024-20481

> A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN service. This vulnerability is due to resource exhaustion. An attacker could exploit this vulnerability by sending a large number of VPN authentication requests to an affected device. A successful exploit could allow the attacker to exhaust resources, resulting in a DoS of the RAVPN service on the affected device. Depending on the impact of th

- **CVSS:** 5.8 (MEDIUM)
- **EPSS:** 11.1%
- **CISA KEV:** yes (known ransomware use)
- **CWE:** CWE-772

Canonical: https://intel.threadlinqs.com/cve/CVE-2024-20481
Full threat coverage + IOCs via the Threadlinqs MCP server (Purple tier): https://intel.threadlinqs.com/mcp