Cisco FTD Software Denial of Service via Malformed TLS 1.2 Traffic
CVE-2026-20050
Summary
A flaw in Cisco FTD Software can cause a device to crash and reload if it receives specially crafted TLS 1.2 encrypted traffic. This could lead to a temporary loss of service. To mitigate this, update to the latest version of Cisco FTD Software or configure the device to ignore TLS 1.2 traffic if possible.
Original title
A vulnerability in the Do Not Decrypt exclusion feature of the SSL decryption feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause...
Original description
A vulnerability in the Do Not Decrypt exclusion feature of the SSL decryption feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to improper memory management during the inspection of TLS 1.2 encrypted traffic. An attacker could exploit this vulnerability by sending crafted TLS 1.2 encrypted traffic through an affected device. A successful exploit could allow the attacker to cause a reload of an affected device.
Note: This vulnerability only affects traffic that is encrypted by TLS 1.2. Other versions of TLS are not affected.
NVD CVSS 3.1
6.8
Vulnerability type
CWE-404
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026