
Cisco Secure Firewall reloads unexpectedly due to SAML message exploit

CVE-2026-20101
Summary

An attacker can remotely cause Cisco Secure Firewall devices to restart, disrupting service, by sending a specially crafted SAML message. This affects Cisco Secure Firewall ASA Software and Secure FTD Software. Apply the latest security updates to prevent this issue.

Original title
A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to rel...
Original description
A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition.

This vulnerability is due to insufficient error checking when processing SAML messages. An attacker could exploit this vulnerability by sending crafted SAML messages to the SAML service. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
NVD CVSS 3.1: 8.6
Vulnerability type
CWE-330 Use of Insufficiently Random Values
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026