Access Control Bypass in Cisco Secure Firewall ASA and FTD Software
CVE-2026-20073

5.8MEDIUM

Key Information:

Vendor

Cisco
Status
Cisco Secure Firewall Adaptive Security Appliance (asa) Software
Cisco Secure Firewall Threat Defense (ftd) Software
Vendor
CVE Published:
4 March 2026

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2026-20073?

A vulnerability exists in Cisco Secure Firewall ASA and Threat Defense Software due to improper error handling during memory operations in clustering scenarios. This can allow remote, unauthenticated attackers to bypass intended access controls, potentially exposing sensitive systems and data. The vulnerability occurs when an affected device exhausts its memory resources while processing access control rule replication, enabling attackers to send unapproved traffic through the firewall. Organizations utilizing these Cisco products should apply security updates to mitigate risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 9.12.3

Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 9.12.1

Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 9.12.2

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:
5.8
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.