CVE-2026-20013

Name of the Vulnerable Software and Affected Versions Cisco Secure Firewall ASA Software and Cisco Secure FTD Software (affected versions not specified)

Description A flaw exists in the IKEv2 feature that may allow a remote, unauthenticated attacker to trigger a denial-of-service (DoS) condition on a vulnerable device. This could also impact the availability of services to other devices on the network. The issue stems from a failure to release memory during IKEv2 packet processing, leading to memory exhaustion when crafted IKEv2 packets are sent to the device. A successful exploit could exhaust system resources, resulting in a DoS condition that requires manual device reloading.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.