Cisco
CVE-2026-20062
HIGH
Severity by source
AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N
Lifecycle Timeline
2DescriptionCVE.org
A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software in multiple context mode could allow an authenticated, local attacker with administrative privileges in one context to copy files to or from another context, including configuration files. This vulnerability is due to improper access controls for Secure Copy Protocol (SCP) operations when the CiscoSSH stack is enabled. An attacker could exploit this vulnerability by authenticating to a non-admin context of the device and issuing crafted SCP copy commands in that non-admin context. A successful exploit could allow the attacker to read, create, or overwrite sensitive files that belong to another context, including the admin and system contexts. The attacker cannot directly impact the availability of services pertaining to other contexts. To exploit this vulnerability, the attacker must have valid administrative credentials for a non-admin context. Note: An attacker cannot list or enumerate files from another context and would need to know the exact file path, which increases the complexity of a successful attack.
AnalysisAI
Cisco Secure Firewall ASA in multi-context mode contains an access control bypass in SCP operations that allows authenticated local administrators of one context to read, modify, or create files in other contexts, including sensitive admin and system configuration files. The vulnerability stems from improper validation of cross-context file access when the CiscoSSH stack is enabled. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Cisco Secure Firewall ASA in multiple context mode with CiscoSSH stack enabled, authenticated local access to non-admin context, and administrative privileges in source context required. Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | CVSS 7.2 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker (requires authentication) could exploit this vulnerability to read, create, or overwrite sensitive files that belong to another context, inclu. |
| Remediation | Monitor vendor advisories for a patch. Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Audit all users with administrative privileges across ASA contexts and document legitimate access requirements. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-279 – Incorrect Execution-Assigned Permissions
View allShare
External POC / Exploit Code
Leaving vuln.today