CVE-2026-20106

Name of the Vulnerable Software and Affected Versions Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software (affected versions not specified)

Description A flaw exists in the Remote Access SSL VPN, HTTP management, and MUS functionality that could allow a remote, unauthenticated attacker to deplete device memory, leading to a denial of service (DoS) condition and requiring a manual reboot. This is caused by a failure to validate user-supplied input. An attacker could exploit this by transmitting specially crafted packets to the Remote Access SSL VPN server, potentially causing the device to become unresponsive.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.