CVE-2026-20015
Received Received - Intake
Memory Leak in Cisco IKEv2 Causes Remote DoS Condition

Publication date: 2026-03-04

Last updated on: 2026-04-16

Assigner: Cisco Systems, Inc.

Description
A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may impact the availability of services to devices elsewhere in the network. This vulnerability is due to a memory leak when parsing IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. A successful exploit could allow the attacker to exhaust resources, causing a DoS condition that will eventually require the device to be manually reloaded.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-04
Last Modified
2026-04-16
Generated
2026-05-07
AI Q&A
2026-03-04
EPSS Evaluated
2026-05-05
NVD
CVE-2026-20015
EUVD
EUVD-2026-9432
Affected Vendors & Products
Showing 8 associated CPEs
Vendor Product Version / Range
cisco adaptive_security_appliance_software From 9.18.1 (inc) to 9.18.4.71 (exc)
cisco adaptive_security_appliance_software From 9.19.1 (inc) to 9.20.4.10 (exc)
cisco adaptive_security_appliance_software From 9.22.1.1 (inc) to 9.22.2.13 (exc)
cisco adaptive_security_appliance_software From 9.23.1 (inc) to 9.23.1.19 (exc)
cisco firepower_threat_defense_software From 7.3.0 (inc) to 7.4.3 (exc)
cisco firepower_threat_defense_software From 7.6.0 (inc) to 7.6.4 (exc)
cisco firepower_threat_defense_software From 7.7.0 (inc) to 7.7.11 (exc)
cisco firepower_threat_defense_software From 7.2.0 (inc) to 7.2.11 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-401 The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software. It is caused by a memory leak that occurs when the software parses IKEv2 packets.

An unauthenticated, remote attacker can exploit this by sending specially crafted IKEv2 packets to the affected device.

Exploiting this vulnerability can lead to resource exhaustion on the device, causing a denial-of-service (DoS) condition that may require manual reloading of the device.


How can this vulnerability impact me? :

The vulnerability can impact you by causing a denial-of-service (DoS) condition on the affected Cisco firewall or security device.

This DoS condition can reduce or eliminate the availability of network services to other devices connected to the network.

Ultimately, the affected device may need to be manually reloaded to restore normal operation, potentially causing downtime and disruption.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

I don't know


What immediate steps should I take to mitigate this vulnerability?

I don't know


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart