CVE-2026-20073 — Improper Access Control in Cisco Secure Firewall Adaptive Security Appliance Software

CWE-284 — Improper Access Control4 documents4 sources

Severity

5.8MEDIUMNVD

EPSS

0.1%

top 77.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Secure Firewall Adaptive Security Appliance Software Cisco Secure Firewall Threat Defense Software

Timeline

PublishedMar 4

Description

A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to send traffic that should be denied through an affected device. This vulnerability is due to improper error handling when an affected device that is joining a cluster runs out of memory while replicating access control rules. An attacker could exploit this vulnerability by sending traffic that should be bloc…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5cisco/cisco_secure_firewall_adaptive_security_appliance_software159 versions+158

▶CVEListV5cisco/cisco_secure_firewall_threat_defense_software75 versions+74

🔴Vulnerability Details

GHSA

GHSA-2cx5-9j54-v8vq: A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allo↗2026-03-04

▶

CVEList

Cisco Secure Firewall Adaptive Security Appliance Software and Cisco Secure Firewall Threat Defense Software Access Control List Bypass Vulnerability↗2026-03-04

▶

📋Vendor Advisories

Cisco

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Access Control List Bypass Vulnerability↗2026-03-04

▶