A vulnerability in Cisco ASA and FTD software allows remote attackers with valid VPN credentials to exploit a flaw in SAML authentication, potentially granting access to secured networks they are not authorized to access. The vulnerability arises from improper separation of authorization domains, allowing attackers to intercept and reuse SAML SSO tokens to bypass connection profile restrictions. Cisco has released software updates that address the issue; there are no known workarounds. This vulnerability carries a Medium security impact rating and has been assigned CVE-2024-20355. For more information, refer to the advisory at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-bypass-KkNvXyKW.
