CVE-2026-20024

Name of the Vulnerable Software and Affected Versions Cisco Secure Firewall ASA Software and Cisco Secure FTD Software (affected versions not specified)

Description A flaw exists in the OSPF protocol that may allow an attacker with the OSPF secret key, who is adjacent to an affected device, to cause the device to reload unexpectedly, leading to a denial-of-service (DoS) condition. This issue is caused by heap corruption when parsing packets within the OSPF service. An attacker could exploit this by sending crafted packets to the OSPF service, potentially corrupting the heap and triggering the reload.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.