31 matches found
CVE-2026-20039
CVE-2026-20039 affects Cisco Secure Firewall ASA/FTD VPN web server. The root cause is ineffective memory management in the VPN web server, which can be exploited by sending a large flood of crafted HTTP requests, potentially causing the device to reload and suffer a denial-of-service. The affect...
CVE-2024-20358
Cisco ASA/FTD restore-functionality command-injection vulnerability (CVE-2024-20358) allows an authenticated, local attacker to execute arbitrary root commands by restoring a crafted backup file. Root access is required, with administrator privileges. Cisco has released updates to fix this vulner...
CVE-2024-20481
The CVE-2024-20481 entry concerns Cisco ASA/FTD Remote Access VPN (RAVPN) DoS from resource exhaustion. Affected components: ASA and FTD software; vulnerability arises when an unauthenticated, remote attacker sends a flood of VPN authentication requests, exhausting device resources and potentiall...
CVE-2021-34753
Cisco Firepower Threat Defense (FTD) Software is affected by CVE-2021-34753 due to incomplete deep packet inspection in ENIP traffic processing, enabling unauthenticated remote bypass of configured ENIP access control and intrusion policies. The vulnerability concerns the payload inspection compo...
CVE-2026-20049
CVE-2026-20049 affects Cisco Secure Firewall ASA and Threat Defense (FTD) software. The issue arises in processing GCM-encrypted IKEv2 IPsec traffic due to an insufficiently sized memory allocation, enabling an authenticated attacker to trigger a device reload and DoS. Exploitation requires valid...
CVE-2024-20426
CVE-2024-20426 affects Cisco ASA and Cisco FTD (IKEv2). A vulnerability in IKEv2 input validation could allow an unauthenticated, remote attacker to cause a DoS by sending crafted IKEv2 traffic, potentially causing the device to reload. Cisco advisory states updates addressing the vulnerability h...
CVE-2024-20493
CVE-2024-20493 affects Cisco ASA (Adaptive Security Appliance) and Cisco FTD (Firepower Threat Defense) during the Remote Access SSL VPN authentication phase. The vulnerability stems from ineffective handling of memory resources in the authentication process, which can be triggered by crafted pac...
CVE-2024-20342
CVE-2024-20342 : Multiple Cisco products with Snort rate-filtering can be bypassed due to an incorrect connection count comparison. An unauthenticated, remote attacker can send traffic at or above the configured rate to bypass the rate-limiting filter, potentially allowing unintended traffic into...
CVE-2024-20485
Cisco ASA/FTD VPN web server vulnerability (CVE-2024-20485) allows an authenticated, local attacker to execute arbitrary code with root privileges after a next device reload. Root cause: improper validation of a file read from system flash memory; attacker can trigger via restoring a crafted back...
CVE-2024-20331
The CVE-2024-20331 entry describes a denial-of-service scenario in the Cisco ASA VPN and Firepower Threat Defense (FTD) Remote Access SSL VPN session authentication. Root cause: insufficient entropy in the authentication process, enabling an unauthenticated, remote attacker to determine an authen...
CVE-2024-20341
Summary: CVE-2024-20341 targets Cisco ASA/FTD VPN Web Client Services. A vulnerability in input validation allows an unauthenticated, remote attacker to trigger cross-site scripting (XSS) in a browser accessing the affected device. The attacker persuades a user to click a crafted link, enabling e...
CVE-2024-20351
CVE-2024-20351 describes a Denial of Service vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine used by Cisco Firepower Threat Defense (FTD) software and Cisco FirePOWER Services. An unauthenticated, remote attacker can trigger high traffic volume to cause legitim...
CVE-2026-20102
Cisco Secure Firewall ASA and Cisco Secure Firewall Threat Defense (FTD) are affected by CVE-2026-20102, a reflected XSS in the SAML 2.0 SSO feature caused by insufficient input validation of multiple HTTP parameters. An unauthenticated, remote attacker could lure a user to a malicious link to ex...
CVE-2024-20339
The CVE-2024-20339 entry concerns Cisco Firepower Threat Defense (FTD) for the 2100 Series. The vulnerability resides in the TLS processing path and can be exploited by unauthenticated, remote attackers sending specific TLS traffic over IPv4, potentially causing the affected device to reload and ...
CVE-2026-20069
The CVE-2026-20069 entry covers a vulnerability in the VPN web services component of Cisco Secure Firewall ASA and FTD software. The issue arises from improper validation of HTTP requests, which could allow an unauthenticated, remote attacker to persuade a user to visit a crafted site that sends ...
CVE-2026-20008
Cisco reports a CVE-2026-20008 affecting a small subset of CLI commands on Cisco Secure Firewall ASA and Threat Defense (FTD) software. The vulnerability arises from unsanitized user input that can be used to craft Lua code executed on the underlying OS as root. An authenticated attacker with Adm...
CVE-2026-20050
The CVE-2026-20050 affects Cisco Secure Firewall Threat Defense (FTD) Software, specifically the Do Not Decrypt exclusion feature in the SSL decryption function. The issue arises from improper memory management when inspecting TLS 1.2 encrypted traffic, allowing an unauthenticated, remote attacke...
CVE-2026-20016
Cisco FXOS Software CLI contains an input-validation flaw that can allow an authenticated, local attacker with admin credentials to execute arbitrary commands on the underlying OS with root privileges. Root cause: insufficient validation of user-supplied CLI arguments in the Cisco Secure Firewall...
CVE-2026-20064
CVE-2026-20064 affects Cisco Secure Firewall Threat Defense (FTD) Software. The issue stems from improper validation of user-supplied input, enabling an authenticated, local attacker to inject crafted CLI commands and cause the device to reload, resulting in a DoS. The vulnerability is categorize...
CVE-2026-20103
CVE-2026-20103 affects Cisco Secure Firewall ASA/FTD Remote Access SSL VPN. The flaw stems from trusting user input without validation, allowing unauthenticated remote attackers to exhaust device memory and cause a DoS, potentially making the web interface temporarily unresponsive. Impact is on n...
CVE-2026-20013
CVE-2026-20013 describes a DoS in Cisco Secure Firewall ASA/FTD products due to memory exhaustion during IKEv2 packet processing. The vulnerability stems from not freeing memory while handling IKEv2 traffic, which an unauthenticated remote attacker can trigger by sending crafted IKEv2 packets, po...
CVE-2026-20014
The CVE concerns Cisco Secure Firewall ASA Software and Cisco Secure FTD Software with an IKEv2 handling flaw. An authenticated remote attacker with valid VPN user credentials can send crafted IKEv2 packets to trigger a DoS by exhausting memory, leading to a device reload and potential impact on ...
CVE-2026-20021
Cisco Secure Firewall ASA/FTD products are affected by CVE-2026-20021 due to a flaw in the OSPF protocol input validation when parsing packets. Affected software ranges include Cisco Secure Firewall ASA and Cisco Secure Firewall Threat Defense (FTD). An authenticated, adjacent attacker can exploi...
CVE-2026-20022
CVE-2026-20022 affects Cisco Secure Firewall ASA/FTD OSPF processing. The root cause is insufficient input validation when handling OSPF LSU packets, allowing an unauthenticated, adjacent attacker to send crafted OSPF packets that could write outside packet data, trigger a device reload, and caus...
CVE-2026-20105
CVE-2026-20105 affects Cisco Secure Firewall ASA and Secure Firewall Threat Defense (FTD) software, where the Remote Access SSL VPN component may exhaust device memory via crafted packets, causing a reload and DoS. The issue arises from trusting user input without validation. An authenticated rem...
CVE-2026-20101
Cisco Secure Firewall ASA Software and Secure FTD Software are affected by a SAML 2.0 SSO vulnerability. The issue stems from insufficient error checking when processing SAML messages, which could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a DoS conditio...
CVE-2026-20106
Cisco Secure Firewall ASA/FTD Software vulnerability CVE-2026-20106 exposes Remote Access SSL VPN, HTTP management, and MUS functionality to unauthenticated, remote exploitation. The issue stems from insufficient input validation, allowing crafted packets to exhaust device memory and cause a DoS ...
CVE-2026-20023
Summary: CVE-2026-20023 affects Cisco Secure Firewall ASA/FTD OSPF protocol handling. The issue is memory corruption when parsing OSPF packets, enabling an unauthenticated, adjacent attacker to cause memory corruption and a reboot, resulting in DoS. Affected products: Cisco Secure Firewall ASA so...
CVE-2026-20024
CVE-2026-20024 affects Cisco Secure Firewall ASA Software and Cisco Secure FTD Software. The root cause is heap corruption in the OSPF service when parsing packets, exploitable by an adjacent, authenticated attacker who has the OSPF secret key. Successful exploitation can cause the device to relo...
CVE-2026-20015
CVE-2026-20015 affects Cisco Secure Firewall ASA Software and Cisco Secure FTD Software. A memory leak during parsing of IKEv2 packets could allow an unauthenticated remote attacker to cause a DoS that may impact availability of services to devices elsewhere in the network. Exploitation requires ...
CVE-2026-20025
CVE-2026-20025 affects Cisco Secure Firewall ASA/FTD OSPF processing. An authenticated, adjacent attacker with the OSPF secret key can send crafted OSPF LSU packets to trigger insufficient input validation, potentially corrupting the heap and causing the device to reload for a DoS. The vulnerabil...