5.8
Cisco Firewall: Unauthenticated Access Control Bypass via Memory Exhaustion
CVE-2026-20073
Summary
Cisco Firewall devices running Cisco ASA or FTD software may pass traffic that should be blocked, allowing an unauthenticated, remote attacker to bypass access controls and reach protected networks. The flaw occurs when a device that is joining a cluster runs out of memory while replicating access control rules and does not handle the error properly. Update affected devices to the latest version to prevent exploitation, and regularly review and update your firewall rules to minimize potential risks.
Original title
A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to send t...
Original description
A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to send traffic that should be denied through an affected device.
This vulnerability is due to improper error handling when an affected device that is joining a cluster runs out of memory while replicating access control rules. An attacker could exploit this vulnerability by sending traffic that should be blocked through the device. A successful exploit could allow the attacker to bypass access controls and reach devices in protected networks.
NVD CVSS 3.1
5.8
Vulnerability type
CWE-284
Improper Access Control
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026