CVE-2020-3528

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) Software versions prior to the fixed version Cisco Firepower Threat Defense (FTD) Software versions prior to the fixed version

Description A vulnerability in the OSPF Version 2 (OSPFv2) implementation could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The issue is due to incomplete input validation when processing certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this by sending a malformed OSPFv2 packet to an affected device, potentially causing it to reload.

Recommendations For Cisco Adaptive Security Appliance (ASA) Software, update to a version that includes the fix for this issue. For Cisco Firepower Threat Defense (FTD) Software, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting the processing of OSPFv2 packets with Link-Local Signaling (LLS) data until a patch is available.