CVE-2026-20062

Name of the Vulnerable Software and Affected Versions Cisco Secure Firewall Adaptive Security Appliance (ASA) Software (affected versions not specified)

Description A flaw exists in the Command Line Interface (CLI) of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software when operating in multiple context mode. This issue could allow a local attacker with administrative privileges in one context to copy files to or from other contexts, potentially including sensitive configuration files. The root cause is improper access controls related to Secure Copy Protocol (SCP) operations when the CiscoSSH stack is enabled. An attacker must authenticate to a non-admin context and use specifically crafted SCP copy commands. Successful exploitation could lead to the reading, creation, or overwriting of files belonging to other contexts, including administrative and system contexts. The attacker cannot directly disrupt services in other contexts. The attacker requires valid administrative credentials for a non-admin context to exploit this issue. Listing or enumerating files in other contexts is not possible; the attacker must know the exact file path.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.