CVE-2026-20008 — OS Command Injection in Cisco Secure Firewall Adaptive Security Appliance Software
Severity
6.0 MEDIUM (NVD)
EPSS
0.0%
top 91.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published Mar 4
Description
A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to craft Lua code that could be used on the underlying operating system as root.
This vulnerability exists because user-provided input is not properly sanitized. An attacker could exploit this vulnerability by crafting valid Lua code and submitting it as a malicious…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Exploitability: 0.8 | Impact: 5.2
Affected Packages: 2 packages
🔴 Vulnerability Details (2)
GHSA
GHSA-42hx-qv2c-ff49: A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure F (2026-03-04)
CVEList
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Lua Code Injection Vulnerability (2026-03-04)
📋 Vendor Advisories (1)
Cisco
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Lua Code Injection Vulnerability (2026-03-04)