CVE-2026-20063Argument Injection in Cisco Secure Firewall Threat Defense Software

CWE-88Argument InjectionCWE-250Execution with Unnecessary PrivilegesCWE-476NULL Pointer Dereference4 documents4 sources
Severity
6.0MEDIUMNVD
EPSS
0.0%
top 95.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Secure Firewall Threat Defense Software
Timeline
PublishedMar 4

Description

A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This vulnerability is due to insufficient input validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input for a specific CLI command. A successful explo

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:NExploitability: 0.8 | Impact: 5.2

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-x599-6m8q-75qp: A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying o2026-03-04
CVEList
Cisco Secure FTD Software Authenticated Command Injection Vulnerability2026-03-04

📋Vendor Advisories

1
Cisco
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerabilities2026-03-04
CVE-2026-20063 — Argument Injection in Cisco | cvebase