CVE-2026-20105
HIGHCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Lifecycle Timeline
2Tags
Description
A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker with a valid VPN connection to exhaust device memory resulting in a denial of service (DoS) condition.This does not affect the management or MUS interfaces. This vulnerability is due to trusting user input without validation. An attacker could exploit this vulnerability by sending crafted packets to the Remote Access SSL VPN server. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Analysis
Denial of service in Cisco Secure Firewall ASA and FTD Remote Access SSL VPN functionality allows authenticated attackers to exhaust device memory by sending specially crafted packets, forcing a device reload. The vulnerability stems from insufficient input validation on user-supplied data and requires valid VPN credentials to exploit. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all Cisco ASA/FTD devices running affected versions and document current VPN user base and access patterns. Within 7 days: Implement network monitoring to detect abnormal memory consumption on VPN gateways; restrict VPN access to only essential users and required business functions; enable detailed logging for VPN session activity. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today