CVE-2026-20100
HIGHCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Lifecycle Timeline
2Tags
Description
A vulnerability in the LUA interperter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker with a valid VPN connection to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This does not affect the management or MUS interfaces. This vulnerability is due to trusting user input without validation in the LUA interprerter. An attacker could exploit this vulnerability by sending crafted HTTP packets to the Remote Access SSL VPN server. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Analysis
Cisco Secure Firewall ASA and FTD devices are vulnerable to a denial of service attack through the Remote Access SSL VPN feature, where authenticated attackers can trigger unvalidated input processing in the Lua interpreter to force device reloads. The vulnerability stems from insufficient input validation in the Lua interpreter and can be exploited by sending specially crafted HTTP packets over an existing VPN connection. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: inventory all Cisco ASA and FTD devices using SSL VPN Remote Access; assess VPN user base and criticality. Within 7 days: implement network segmentation to restrict VPN access to authorized personnel only; enable enhanced monitoring/logging of VPN connections for anomalous LUA interpreter activity. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today