
Cisco Firewall ASA and FTD Devices Can Crash from Malicious IKEv2 Packets

CVE-2026-20013
Summary

A vulnerability in the IKEv2 feature of Cisco Firewall ASA and FTD devices allows an unauthenticated, remote attacker to send crafted IKEv2 packets that cause the device to run out of memory and crash, requiring a manual restart. This can also impact the availability of services to other devices on the network. Administrators of affected devices should update their software to the latest version to prevent this issue.

Original title
A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected devi...
Original description
A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may also impact the availability of services to devices elsewhere in the network.

This vulnerability is due to memory exhaustion caused by not freeing memory during IKEv2 packet processing. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. A successful exploit could allow the attacker to exhaust resources, causing a DoS condition that will eventually require the device to be manually reloaded.
NVD CVSS 3.1 score: 5.8
Vulnerability type
CWE-401 Memory Leak
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026