CVE-2026-20023
CVE-2026-20023 is a medium-severity vulnerability in Cisco Firepower Threat Defense Software with a CVSS 3.x base score of 6.1. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-787.
Key facts
- Severity: Medium (CVSS 3.x base score 6.1)
- EPSS exploit prediction: 0% (5th percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2026-9480
- Weakness: CWE-787
- Affected product: Cisco Firepower Threat Defense Software
- Published:
- Last modified:
Description
A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to corrupt memory on an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to memory corruption when parsing OSPF protocol packets. An attacker could exploit this vulnerability by sending crafted OSPF packets to an affected device. A successful exploit could allow the attacker to cause memory corruption causing the affected device to reboot, resulting in a DoS condition.
Frequently asked questions
- What is CVE-2026-20023?
- A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to corrupt memory on an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to memory corruption when parsing OSPF protocol packets. An attacker could exploit this vulnerability by sending crafted OSPF packets to an affected device. A successful exploit could allow the attacker to cause memory corruption causing the affected device to reboot, resulting in a DoS condition.
- How severe is CVE-2026-20023?
- CVE-2026-20023 has a CVSS 3.x base score of 6.1, rated medium severity. It is exploitable over an adjacent network with high attack complexity, requires no privileges and no user interaction. Impact on confidentiality is none, integrity none, and availability high.
- Is CVE-2026-20023 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (5th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2026-20023?
- CVE-2026-20023 primarily affects Cisco Firepower Threat Defense Software. In total, 234 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2026-20023?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- Does CVE-2026-20023 have an EU (EUVD) identifier?
- Yes. CVE-2026-20023 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2026-9480.
- When was CVE-2026-20023 published?
- CVE-2026-20023 was published on 2026-03-04 and last updated on 2026-06-17.
References
Affected products (234)
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.0:*:*:*:*:*:*:*
More vulnerabilities in Cisco Firepower Threat Defense Software
- CVE-2026-20103 — High (CVSS 8.6): A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA)…
- CVE-2026-20101 — High (CVSS 8.6): A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Secure FTD…
- CVE-2026-20039 — High (CVSS 8.6): A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco…
- CVE-2024-20426 — High (CVSS 8.6): A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol for VPN termination of Cisco Adaptive Security…
- CVE-2024-20351 — High (CVSS 8.6): A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense…
- CVE-2024-20339 — High (CVSS 8.6): A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100…
All CVEs affecting Cisco Firepower Threat Defense Software →
Other CWE-787 (Out-of-bounds Write) vulnerabilities
- CVE-2026-42369 — Critical (CVSS 10.0): GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other…
- CVE-2026-4746 — Critical (CVSS 10.0): Out-of-bounds Write vulnerability in timeplus-io proton (base/poco/Foundation/src modules). This vulnerability is…
- CVE-2025-43300 — Critical (CVSS 10.0): An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS…
- CVE-2025-24201 — Critical (CVSS 10.0): An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in…
- CVE-2024-42479 — Critical (CVSS 10.0): llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause…
- CVE-2024-39791 — Critical (CVSS 10.0): Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge…