Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.1
Cisco ASA and FTD Software: Malicious OSPF Packets Can Crash Devices
CVE-2026-20023
Summary
The vulnerability affects Cisco's ASA and FTD software, which use the OSPF protocol to manage network traffic. An attacker can send malicious packets to a device, causing it to crash and become unavailable. To protect your network, update your software to the latest version as soon as possible.
Original title
A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, adja...
Original description
A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to corrupt memory on an affected device, resulting in a denial of service (DoS) condition.
This vulnerability is due to memory corruption when parsing OSPF protocol packets. An attacker could exploit this vulnerability by sending crafted OSPF packets to an affected device. A successful exploit could allow the attacker to cause memory corruption causing the affected device to reboot, resulting in a DoS condition.
This vulnerability is due to memory corruption when parsing OSPF protocol packets. An attacker could exploit this vulnerability by sending crafted OSPF packets to an affected device. A successful exploit could allow the attacker to cause memory corruption causing the affected device to reboot, resulting in a DoS condition.
nvd CVSS3.1
6.1
Vulnerability type
CWE-787
Out-of-bounds Write
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026