CVE-2026-20014

Name of the Vulnerable Software and Affected Versions Cisco Secure Firewall ASA Software and Cisco Secure FTD Software (affected versions not specified)

Description A flaw exists in the IKEv2 feature that may allow a remote attacker with valid VPN user credentials to trigger a denial-of-service (DoS) condition. This issue stems from improper handling of IKEv2 packets. An attacker could exploit this by sending specially crafted, authenticated IKEv2 packets to a vulnerable device, potentially exhausting memory and causing a reload.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.