Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.8
Cisco Firewalls Can Crash When Attacked by a Nearby User with the Right Password
CVE-2026-20024
Summary
Certain Cisco firewalls can crash when an attacker with the right password sends a specific type of network packet to the device. This can cause the firewall to shut down. To fix this, Cisco recommends upgrading the software or changing the password used for OSPF authentication.
Original title
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpe...
Original description
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker must have the OSPF secret key.
This vulnerability is due to heap corruption in OSPF when parsing packets. An attacker could exploit this vulnerability by sending crafted packets to the OSPF service. A successful exploit could allow the attacker to corrupt the heap, causing the affected device to reload, resulting in a DoS condition.
This vulnerability is due to heap corruption in OSPF when parsing packets. An attacker could exploit this vulnerability by sending crafted packets to the OSPF service. A successful exploit could allow the attacker to corrupt the heap, causing the affected device to reload, resulting in a DoS condition.
nvd CVSS3.1
6.8
Vulnerability type
CWE-119
Buffer Overflow
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026