Cisco Secure Firewall Threat Defense Software vulnerabilities

47 known vulnerabilities affecting cisco/cisco_secure_firewall_threat_defense_software.

Total CVEs: 47
CISA KEV: 2 (actively exploited)
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 8, MEDIUM 37

Vulnerabilities

Page 2 of 3
CVE-2026-20018 | MEDIUM | CVSS 5.9 | v7.0.0, v7.0.0.1, +55 more | 2026-03-04
CWE-27: A vulnerability in the sftunnel functionality of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrative privileges to write arbitrary files as root on the underlying operating system. This vulnerability is due to insufficient val
Sources: cvelistv5, nvd
CVE-2026-20015 | MEDIUM | CVSS 5.8 | v7.2.0, v7.2.0.1, +32 more | 2026-03-04
CWE-401: A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may impact the availability of services to devices elsewhere in the network. This vulnerability is due to a memory leak when parsing IKEv2 packets
Sources: cvelistv5, nvd
CVE-2026-20068 | MEDIUM | CVSS 5.8 | v7.2.4, v7.2.5, +26 more | 2026-03-04
CWE-248: Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete error checking when parsing remote procedure call (RPC) data. An att
Sources: cvelistv5, nvd
CVE-2026-20052 | MEDIUM | CVSS 5.8 | v7.4.0, v7.4.1, +4 more | 2026-03-04
CWE-788: A vulnerability in the memory management handling for the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart. This vulnerability is due to a logic error in memory management when a device is performing Snort 3 SSL packet ins
Sources: cvelistv5, nvd
CVE-2026-20016 | MEDIUM | CVSS 6.0 | v7.0.0, v7.0.0.1, +53 more | 2026-03-04
CWE-88: A vulnerability in the Cisco FXOS Software CLI feature for Cisco Secure Firewall ASA Software and Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this vulnerability, the attacker must have valid administrative credentials on an aff
Sources: cvelistv5, nvd
CVE-2026-20065 | MEDIUM | CVSS 5.8 | v7.0.0, v7.0.0.1, +48 more | 2026-03-04
CWE-667: Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in the binder module initialization logic of the Snort Detection Engin
Sources: cvelistv5, nvd
CVE-2026-20006 | MEDIUM | CVSS 5.8 | v7.2.0, v7.2.0.1, +31 more | 2026-03-04
CWE-388: A vulnerability in the TLS cryptography functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to unexpectedly restart, resulting in a denial of service (DoS) condition. This vulnerability is due to improper implementa
Sources: cvelistv5, nvd
CVE-2026-20023 | MEDIUM | CVSS 6.1 | v6.4.0, v6.4.0.1, +73 more | 2026-03-04
CWE-787: A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to corrupt memory on an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to memory corruption wh
Sources: cvelistv5, nvd
CVE-2026-20050 | MEDIUM | CVSS 6.8 | v7.0.0, v7.0.0.1, +56 more | 2026-03-04
CWE-404: A vulnerability in the Do Not Decrypt exclusion feature of the SSL decryption feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management during the inspection of TLS 1.2 encr
Sources: cvelistv5, nvd
CVE-2026-20020 | MEDIUM | CVSS 6.8 | v6.4.0, v6.4.0.1, +73 more | 2026-03-04
CWE-20: A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. If OSPF authentication is enabled, the attacker must know the secret key to exploit this vulnerability. This vulner
Sources: cvelistv5, nvd
CVE-2026-20057 | MEDIUM | CVSS 5.8 | v7.2.0, v7.2.0.1, +35 more | 2026-03-04
CWE-369: Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Basic for Applications (VBA) feature which could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to lack of proper error checking when decompressing VBA data. An attacker could exploit this vulnerability
Sources: cvelistv5, nvd
CVE-2026-20021 | MEDIUM | CVSS 4.3 | v6.4.0, v6.4.0.1, +74 more | 2026-03-04
CWE-401: A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to improperly validating
Sources: cvelistv5, nvd
CVE-2026-20022 | MEDIUM | CVSS 6.1 | v6.4.0, v6.4.0.1, +74 more | 2026-03-04
CWE-823: A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition when OSPF canonicalization debug is enabled by using the command debug ip ospf canon. This vulnerability is due to
Sources: cvelistv5, nvd
CVE-2026-20073 | MEDIUM | CVSS 5.8 | v6.4.0.1, v6.4.0.2, +73 more | 2026-03-04
CWE-284: A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to send traffic that should be denied through an affected device. This vulnerability is due to improper error handling when an affected device that is joining a c
Sources: cvelistv5, nvd
CVE-2026-20024 | MEDIUM | CVSS 6.8 | v6.4.0, v6.4.0.1, +66 more | 2026-03-04
CWE-119: A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker must have the OSPF secret key. This vulnerability is due to heap corrupt
Sources: cvelistv5, nvd
CVE-2026-20063 | MEDIUM | CVSS 6.0 | v7.6.0, v7.7.0, +5 more | 2026-03-04
CWE-88: A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This vulnerability is due to insufficient input validation of user
Sources: cvelistv5, nvd
CVE-2026-20070 | MEDIUM | CVSS 6.1 | v6.4.0.1, v6.4.0.2, +73 more | 2026-03-04
CWE-80: A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device. This vulnerability is due
Sources: cvelistv5, nvd
CVE-2026-20008 | MEDIUM | CVSS 6.0 | v6.4.0.1, v6.4.0.2, +73 more | 2026-03-04
CWE-78: A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to craft Lua code that could be used on the underlying operating system as root. This vulnerability exists because use
Sources: cvelistv5, nvd
CVE-2026-20069 | MEDIUM | CVSS 4.3 | v6.4.0.1, v6.4.0.2, +73 more | 2026-03-04
CWE-444: A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is due to improper validation of HTTP r
Sources: cvelistv5, nvd
CVE-2026-20066 | MEDIUM | CVSS 5.8 | v7.4.0, v7.4.1, +14 more | 2026-03-04
CWE-400: Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in the JSTokenizer normalization logic when the HTTP inspection normal
Sources: cvelistv5, nvd