CVE-2026-20049

Name of the Vulnerable Software and Affected Versions Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software (affected versions not specified)

Description A flaw exists in how the software handles Galois/Counter Mode (GCM)-encrypted Internet Key Exchange version 2 (IKEv2) IPsec traffic. This could allow a remote attacker with valid credentials to trigger a denial of service (DoS) condition. The issue stems from allocating an inadequately sized memory block when processing crafted GCM-encrypted IPsec traffic. Successful exploitation may lead to an unexpected reload of the device, resulting in a DoS.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.