Cisco Firepower Threat Defense Software — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Firepower Threat Defense Software, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (31)
CVE-2024-20426 — CVSS 8.6 (high): A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol for VPN termination of Cisco Adaptive Security Appliance (ASA)…
CVE-2026-20039 — CVSS 8.6 (high): A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat…
CVE-2026-20103 — CVSS 8.6 (high): A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure…
CVE-2024-20339 — CVSS 8.6 (high): A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow…
CVE-2026-20101 — CVSS 8.6 (high): A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an…
CVE-2024-20351 — CVSS 8.6 (high): A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and…
CVE-2026-20049 — CVSS 7.7 (high): A vulnerability in the processing of Galois/Counter Mode (GCM)-encrypted Internet Key Exchange version 2 (IKEv2) IPsec traffic of Cisco…
CVE-2026-20105 — CVSS 7.7 (high): A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure…
CVE-2026-20014 — CVSS 7.7 (high): A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated…
CVE-2024-20331 — CVSS 6.8 (medium): A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA)…
CVE-2026-20025 — CVSS 6.8 (medium): A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated…
CVE-2026-20024 — CVSS 6.8 (medium): A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated…
CVE-2026-20050 — CVSS 6.8 (medium): A vulnerability in the Do Not Decrypt exclusion feature of the SSL decryption feature of Cisco Secure Firewall Threat Defense (FTD)…
CVE-2026-20064 — CVSS 6.5 (medium): A vulnerability in of Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to cause the device…
CVE-2026-20022 — CVSS 6.1 (medium): A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated…
CVE-2024-20341 — CVSS 6.1 (medium): A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat…
CVE-2026-20102 — CVSS 6.1 (medium): A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense…
CVE-2026-20023 — CVSS 6.1 (medium): A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat…
CVE-2026-20016 — CVSS 6.0 (medium): A vulnerability in the Cisco FXOS Software CLI feature for Cisco Secure Firewall ASA Software and Secure FTD Software could allow an…
CVE-2026-20008 — CVSS 6.0 (medium): A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and…
CVE-2024-20485 — CVSS 6.0 (medium): A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software…
CVE-2024-20358 — CVSS 6.0 (medium): A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco…
CVE-2021-34753 — CVSS 5.8 (medium): A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software…
CVE-2024-20342 — CVSS 5.8 (medium): Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an…
CVE-2026-20013 — CVSS 5.8 (medium): A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated…
CVE-2026-20015 — CVSS 5.8 (medium): A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated…
CVE-2024-20493 — CVSS 5.3 (medium): A vulnerability in the login authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA)…
CVE-2026-20106 — CVSS 5.3 (medium): A vulnerability in the Remote Access SSL VPN, HTTP management and MUS functionality, of Cisco Secure Firewall Adaptive Security Appliance…
CVE-2026-20069 — CVSS 4.3 (medium): A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure…
CVE-2026-20021 — CVSS 4.3 (medium): A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat…