Memory Exhaustion Vulnerability in Cisco Secure Firewall Adaptive Security Appliance
CVE-2026-20106

5.3MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Secure Firewall Adaptive Security Appliance (asa) Software; Cisco Secure Firewall Threat Defense (ftd) Software
Vendor: CVE Published:; 4 March 2026

Badges

👾 Exploit Exists

What is CVE-2026-20106?

A vulnerability in the Remote Access SSL VPN and HTTP management functionality of Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software can be exploited by an unauthenticated, remote attacker. By sending specially crafted packets to the Remote Access SSL VPN server, the attacker could exhaust device memory. This exploitation may result in a denial of service condition, necessitating a manual reboot to restore functionality. The root cause lies in the system's failure to appropriately validate user input, leaving it susceptible to potential attacks.

Affected Version(s)

Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 9.12.1

Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 9.12.1.2

Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 9.12.1.3

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Mar 4, 2026
Vulnerability published
Mar 4, 2026
Vulnerability Reserved
Oct 8, 2025

CVE-2026-20106 Data

JSON