CVE-2026-20024
Received
Received - Intake
Heap Corruption in Cisco OSPF Causes DoS via Device Reload
Publication date: 2026-03-04
Last updated on: 2026-05-04
Assigner: Cisco Systems, Inc.
Description
Description
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker must have the OSPF secret key.
This vulnerability is due to heap corruption in OSPF when parsing packets. An attacker could exploit this vulnerability by sending crafted packets to the OSPF service. A successful exploit could allow the attacker to corrupt the heap, causing the affected device to reload, resulting in a DoS condition.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | adaptive_security_appliance_software | 9.16.1 |
| cisco | adaptive_security_appliance_software | 9.12.2 |
| cisco | adaptive_security_appliance_software | 9.12.2.5 |
| cisco | adaptive_security_appliance_software | 9.12.4.4 |
| cisco | adaptive_security_appliance_software | 9.12.3.2 |
| cisco | adaptive_security_appliance_software | 9.12.3.7 |
| cisco | adaptive_security_appliance_software | 9.12.4 |
| cisco | adaptive_security_appliance_software | 9.12.3.12 |
| cisco | adaptive_security_appliance_software | 9.12.4.37 |
| cisco | adaptive_security_appliance_software | 9.12.4.38 |
| cisco | adaptive_security_appliance_software | 9.12.4.39 |
| cisco | adaptive_security_appliance_software | 9.17.1 |
| cisco | adaptive_security_appliance_software | 9.12.3 |
| cisco | adaptive_security_appliance_software | 9.12.3.9 |
| cisco | adaptive_security_appliance_software | 9.12.4.26 |
| cisco | adaptive_security_appliance_software | 9.12.4.30 |
| cisco | adaptive_security_appliance_software | 9.16.1.28 |
| cisco | adaptive_security_appliance_software | 9.17.1.7 |
| cisco | adaptive_security_appliance_software | 9.16.3.14 |
| cisco | adaptive_security_appliance_software | 9.16.4 |
| cisco | adaptive_security_appliance_software | 9.18.2.5 |
| cisco | adaptive_security_appliance_software | 9.17.1.10 |
| cisco | adaptive_security_appliance_software | 9.17.1.13 |
| cisco | adaptive_security_appliance_software | 9.18.1 |
| cisco | adaptive_security_appliance_software | 9.18.1.3 |
| cisco | adaptive_security_appliance_software | 9.12.1.2 |
| cisco | adaptive_security_appliance_software | 9.12.1.3 |
| cisco | adaptive_security_appliance_software | 9.12.4.10 |
| cisco | adaptive_security_appliance_software | 9.12.4.13 |
| cisco | adaptive_security_appliance_software | 9.12.4.8 |
| cisco | adaptive_security_appliance_software | 9.12.4.18 |
| cisco | adaptive_security_appliance_software | 9.16.2.3 |
| cisco | adaptive_security_appliance_software | 9.16.2.7 |
| cisco | adaptive_security_appliance_software | 9.16.2.11 |
| cisco | adaptive_security_appliance_software | 9.16.2.13 |
| cisco | adaptive_security_appliance_software | 9.16.2.14 |
| cisco | adaptive_security_appliance_software | 9.17.1.11 |
| cisco | adaptive_security_appliance_software | 9.17.1.15 |
| cisco | adaptive_security_appliance_software | 9.12.4.2 |
| cisco | adaptive_security_appliance_software | 9.17.1.9 |
| cisco | adaptive_security_appliance_software | 9.12.2.4 |
| cisco | adaptive_security_appliance_software | 9.12.2.9 |
| cisco | adaptive_security_appliance_software | 9.12.2.1 |
| cisco | adaptive_security_appliance_software | 9.12.4.7 |
| cisco | adaptive_security_appliance_software | 9.12.4.24 |
| cisco | adaptive_security_appliance_software | 9.12.4.29 |
| cisco | adaptive_security_appliance_software | 9.12.4.35 |
| cisco | adaptive_security_appliance_software | 9.16.2 |
| cisco | adaptive_security_appliance_software | 9.16.3.3 |
| cisco | adaptive_security_appliance_software | 9.16.3 |
| cisco | adaptive_security_appliance_software | 9.18.2 |
| cisco | adaptive_security_appliance_software | 9.19.1.9 |
| cisco | adaptive_security_appliance_software | 9.19.1.5 |
| cisco | adaptive_security_appliance_software | 9.19.1.18 |
| cisco | adaptive_security_appliance_software | 9.19.1.12 |
| cisco | adaptive_security_appliance_software | 9.19.1 |
| cisco | adaptive_security_appliance_software | 9.18.3.55 |
| cisco | adaptive_security_appliance_software | 9.18.3.53 |
| cisco | adaptive_security_appliance_software | 9.18.3.46 |
| cisco | adaptive_security_appliance_software | 9.18.3.39 |
| cisco | adaptive_security_appliance_software | 9.18.3 |
| cisco | adaptive_security_appliance_software | 9.18.2.8 |
| cisco | adaptive_security_appliance_software | 9.18.2.7 |
| cisco | adaptive_security_appliance_software | 9.17.1.30 |
| cisco | adaptive_security_appliance_software | 9.17.1.20 |
| cisco | adaptive_security_appliance_software | 9.16.4.9 |
| cisco | adaptive_security_appliance_software | 9.16.4.38 |
| cisco | adaptive_security_appliance_software | 9.16.4.27 |
| cisco | adaptive_security_appliance_software | 9.16.4.19 |
| cisco | adaptive_security_appliance_software | 9.16.4.14 |
| cisco | adaptive_security_appliance_software | 9.16.3.23 |
| cisco | adaptive_security_appliance_software | 9.16.3.19 |
| cisco | adaptive_security_appliance_software | 9.16.3.15 |
| cisco | adaptive_security_appliance_software | 9.12.4.58 |
| cisco | adaptive_security_appliance_software | 9.12.4.56 |
| cisco | adaptive_security_appliance_software | 9.12.4.55 |
| cisco | adaptive_security_appliance_software | 9.12.4.54 |
| cisco | adaptive_security_appliance_software | 9.12.4.52 |
| cisco | adaptive_security_appliance_software | 9.12.4.50 |
| cisco | adaptive_security_appliance_software | 9.12.4.48 |
| cisco | adaptive_security_appliance_software | 9.12.4.47 |
| cisco | adaptive_security_appliance_software | 9.12.4.41 |
| cisco | adaptive_security_appliance_software | 9.12.4.40 |
| cisco | adaptive_security_appliance_software | 9.12.4.62 |
| cisco | adaptive_security_appliance_software | 9.12.4.65 |
| cisco | adaptive_security_appliance_software | 9.16.4.39 |
| cisco | adaptive_security_appliance_software | 9.16.4.42 |
| cisco | adaptive_security_appliance_software | 9.16.4.48 |
| cisco | adaptive_security_appliance_software | 9.16.4.55 |
| cisco | adaptive_security_appliance_software | 9.17.1.33 |
| cisco | adaptive_security_appliance_software | 9.18.3.56 |
| cisco | adaptive_security_appliance_software | 9.18.4 |
| cisco | adaptive_security_appliance_software | 9.18.4.5 |
| cisco | adaptive_security_appliance_software | 9.18.4.8 |
| cisco | adaptive_security_appliance_software | 9.19.1.22 |
| cisco | adaptive_security_appliance_software | 9.19.1.24 |
| cisco | adaptive_security_appliance_software | 9.19.1.27 |
| cisco | adaptive_security_appliance_software | 9.20.1 |
| cisco | adaptive_security_appliance_software | 9.20.1.5 |
| cisco | adaptive_security_appliance_software | 9.20.2 |
| cisco | adaptive_security_appliance_software | 9.20.2.21 |
| cisco | adaptive_security_appliance_software | 9.20.2.10 |
| cisco | adaptive_security_appliance_software | 9.19.1.31 |
| cisco | adaptive_security_appliance_software | 9.19.1.28 |
| cisco | adaptive_security_appliance_software | 9.18.4.24 |
| cisco | adaptive_security_appliance_software | 9.18.4.22 |
| cisco | adaptive_security_appliance_software | 9.17.1.39 |
| cisco | adaptive_security_appliance_software | 9.16.4.61 |
| cisco | adaptive_security_appliance_software | 9.16.4.57 |
| cisco | adaptive_security_appliance_software | 9.12.4.67 |
| cisco | adaptive_security_appliance_software | 9.20.3 |
| cisco | adaptive_security_appliance_software | 9.18.4.40 |
| cisco | adaptive_security_appliance_software | 9.16.4.70 |
| cisco | adaptive_security_appliance_software | 9.16.4.67 |
| cisco | adaptive_security_appliance_software | 9.20.2.22 |
| cisco | adaptive_security_appliance_software | 9.18.4.34 |
| cisco | adaptive_security_appliance_software | 9.18.4.29 |
| cisco | adaptive_security_appliance_software | 9.16.4.62 |
| cisco | adaptive_security_appliance_software | 9.20.3.4 |
| cisco | adaptive_security_appliance_software | 9.20.3.7 |
| cisco | adaptive_security_appliance_software | 9.22.1.1 |
| cisco | adaptive_security_appliance_software | 9.23.1 |
| cisco | adaptive_security_appliance_software | 9.16.4.71 |
| cisco | adaptive_security_appliance_software | 9.16.4.76 |
| cisco | adaptive_security_appliance_software | 9.16.4.82 |
| cisco | adaptive_security_appliance_software | 9.17.1.45 |
| cisco | adaptive_security_appliance_software | 9.17.1.46 |
| cisco | adaptive_security_appliance_software | 9.18.4.47 |
| cisco | adaptive_security_appliance_software | 9.18.4.50 |
| cisco | adaptive_security_appliance_software | 9.18.4.52 |
| cisco | adaptive_security_appliance_software | 9.18.4.53 |
| cisco | adaptive_security_appliance_software | 9.19.1.37 |
| cisco | adaptive_security_appliance_software | 9.19.1.38 |
| cisco | adaptive_security_appliance_software | 9.20.3.10 |
| cisco | adaptive_security_appliance_software | 9.20.3.13 |
| cisco | adaptive_security_appliance_software | 9.20.3.16 |
| cisco | adaptive_security_appliance_software | 9.20.3.9 |
| cisco | adaptive_security_appliance_software | 9.22.1.2 |
| cisco | adaptive_security_appliance_software | 9.22.1.3 |
| cisco | adaptive_security_appliance_software | 9.22.1.6 |
| cisco | adaptive_security_appliance_software | -9.12.1 |
| cisco | firepower_threat_defense_software | 6.4.0 |
| cisco | firepower_threat_defense_software | 6.4.0.1 |
| cisco | firepower_threat_defense_software | 6.4.0.3 |
| cisco | firepower_threat_defense_software | 6.4.0.2 |
| cisco | firepower_threat_defense_software | 6.4.0.4 |
| cisco | firepower_threat_defense_software | 6.4.0.5 |
| cisco | firepower_threat_defense_software | 6.4.0.6 |
| cisco | firepower_threat_defense_software | 6.4.0.7 |
| cisco | firepower_threat_defense_software | 6.4.0.8 |
| cisco | firepower_threat_defense_software | 6.4.0.9 |
| cisco | firepower_threat_defense_software | 6.4.0.10 |
| cisco | firepower_threat_defense_software | 6.4.0.11 |
| cisco | firepower_threat_defense_software | 6.4.0.12 |
| cisco | firepower_threat_defense_software | 6.4.0.13 |
| cisco | firepower_threat_defense_software | 6.4.0.14 |
| cisco | firepower_threat_defense_software | 6.4.0.15 |
| cisco | firepower_threat_defense_software | 6.4.0.16 |
| cisco | firepower_threat_defense_software | 6.4.0.17 |
| cisco | firepower_threat_defense_software | 7.0.0 |
| cisco | firepower_threat_defense_software | 7.0.0.1 |
| cisco | firepower_threat_defense_software | 7.0.1 |
| cisco | firepower_threat_defense_software | 7.0.1.1 |
| cisco | firepower_threat_defense_software | 7.0.2 |
| cisco | firepower_threat_defense_software | 7.0.2.1 |
| cisco | firepower_threat_defense_software | 7.0.3 |
| cisco | firepower_threat_defense_software | 7.0.4 |
| cisco | firepower_threat_defense_software | 7.0.5 |
| cisco | firepower_threat_defense_software | 7.0.6 |
| cisco | firepower_threat_defense_software | 7.0.6.1 |
| cisco | firepower_threat_defense_software | 7.1.0 |
| cisco | firepower_threat_defense_software | 7.1.0.1 |
| cisco | firepower_threat_defense_software | 7.1.0.2 |
| cisco | firepower_threat_defense_software | 7.1.0.3 |
| cisco | firepower_threat_defense_software | 7.2.0 |
| cisco | firepower_threat_defense_software | 7.2.0.1 |
| cisco | firepower_threat_defense_software | 7.2.1 |
| cisco | firepower_threat_defense_software | 7.2.2 |
| cisco | firepower_threat_defense_software | 7.2.3 |
| cisco | firepower_threat_defense_software | 7.2.4 |
| cisco | firepower_threat_defense_software | 7.2.4.1 |
| cisco | firepower_threat_defense_software | 7.2.5 |
| cisco | firepower_threat_defense_software | 7.2.5.1 |
| cisco | firepower_threat_defense_software | 7.3.0 |
| cisco | firepower_threat_defense_software | 7.3.1 |
| cisco | firepower_threat_defense_software | 7.3.1.1 |
| cisco | firepower_threat_defense_software | 7.4.0 |
| cisco | firepower_threat_defense_software | 7.4.1 |
| cisco | firepower_threat_defense_software | 7.4.1.1 |
| cisco | firepower_threat_defense_software | 7.3.1.2 |
| cisco | firepower_threat_defense_software | 7.2.8.1 |
| cisco | firepower_threat_defense_software | 7.2.8 |
| cisco | firepower_threat_defense_software | 7.2.5.2 |
| cisco | firepower_threat_defense_software | 7.2.7 |
| cisco | firepower_threat_defense_software | 7.2.6 |
| cisco | firepower_threat_defense_software | 7.0.6.2 |
| cisco | firepower_threat_defense_software | 6.4.0.18 |
| cisco | firepower_threat_defense_software | 7.4.2 |
| cisco | firepower_threat_defense_software | 7.0.6.3 |
| cisco | firepower_threat_defense_software | 7.0.7 |
| cisco | firepower_threat_defense_software | 7.0.8 |
| cisco | firepower_threat_defense_software | 7.0.8.1 |
| cisco | firepower_threat_defense_software | 7.2.9 |
| cisco | firepower_threat_defense_software | 7.4.2.1 |
| cisco | firepower_threat_defense_software | 7.4.2.2 |
| cisco | firepower_threat_defense_software | 7.4.2.3 |
| cisco | firepower_threat_defense_software | 7.4.2.4 |
| cisco | firepower_threat_defense_software | 7.6.0 |
| cisco | firepower_threat_defense_software | 7.7.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
