CVE-2026-20012

CWE-401 Memory Leak | 4 documents | 4 sources
Severity
8.6 HIGH
EPSS
0.1%
top 67.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Mar 25

Description

A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to improper parsing of IKEv2 packets. An attacker could exploit this vulnerability by sen

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 4.0

Affected Packages (4 packages)

CVEListV5 | cisco/cisco_ios_xe_software | 378 versions (+377)
CVEListV5 | cisco/ios | 553 versions (+552)

🔴 Vulnerability Details (2)
GHSA
GHSA-5cpj-j8xh-5rgh: A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Se (2026-03-25)
CVEList
CVE-2026-20012: A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Se (2026-03-25)

📋 Vendor Advisories (1)
Cisco
Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability (2026-03-25)