CVE-2026-20015
Received Received - Intake

Memory Leak in Cisco IKEv2 Causes Remote DoS Condition

Vulnerability report for CVE-2026-20015, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-03-04

Last updated on: 2026-04-16

Assigner: Cisco Systems, Inc.

Description

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may impact the availability of services to devices elsewhere in the network. This vulnerability is due to a memory leak when parsing IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. A successful exploit could allow the attacker to exhaust resources, causing a DoS condition that will eventually require the device to be manually reloaded.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-03-04
Last Modified
2026-04-16
Generated
2026-07-06
AI Q&A
2026-03-04
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 8 associated CPEs
Vendor Product Version / Range
cisco adaptive_security_appliance_software From 9.18.1 (inc) to 9.18.4.71 (exc)
cisco adaptive_security_appliance_software From 9.19.1 (inc) to 9.20.4.10 (exc)
cisco adaptive_security_appliance_software From 9.22.1.1 (inc) to 9.22.2.13 (exc)
cisco adaptive_security_appliance_software From 9.23.1 (inc) to 9.23.1.19 (exc)
cisco firepower_threat_defense_software From 7.3.0 (inc) to 7.4.3 (exc)
cisco firepower_threat_defense_software From 7.6.0 (inc) to 7.6.4 (exc)
cisco firepower_threat_defense_software From 7.7.0 (inc) to 7.7.11 (exc)
cisco firepower_threat_defense_software From 7.2.0 (inc) to 7.2.11 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-401 The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software. It is caused by a memory leak that occurs when the software parses IKEv2 packets.

An unauthenticated, remote attacker can exploit this by sending specially crafted IKEv2 packets to the affected device.

Exploiting this vulnerability can lead to resource exhaustion on the device, causing a denial-of-service (DoS) condition that may require manual reloading of the device.

Impact Analysis

The vulnerability can impact you by causing a denial-of-service (DoS) condition on the affected Cisco firewall or security device.

This DoS condition can reduce or eliminate the availability of network services to other devices connected to the network.

Ultimately, the affected device may need to be manually reloaded to restore normal operation, potentially causing downtime and disruption.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-20015. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart