CVE-2026-20020

Name of the Vulnerable Software and Affected Versions Cisco Secure Firewall ASA Software and Cisco Secure FTD Software (affected versions not specified)

Description A flaw exists in the OSPF protocol that may allow a nearby attacker to cause an unexpected reload of a device, leading to a denial of service. The issue stems from inadequate validation of input when handling OSPF update packets. An attacker could exploit this by sending specially crafted OSPF update packets, potentially triggering a buffer overflow and causing the device to reload. If OSPF authentication is enabled, the attacker needs to know the secret key to successfully exploit this issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.