Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerabilities
Summary
Multiple vulnerabilities in the CLI feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to cause a device to execute commands with elevated privileges or reload unexpectedly, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is part …
- Scope: CVE-2026-20017, CVE-2026-20063, CVE-2026-20064: At the time of publication, these vulnerabilities affected Cisco Secure FTD Software, regardless of device configuration.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Mitigation checklist
- There are no workarounds that address these vulnerabilities.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.