CVE-2026-20064
Received Received - Intake
Improper Input Validation in Cisco FTD Causes DoS

Publication date: 2026-03-04

Last updated on: 2026-04-28

Assigner: Cisco Systems, Inc.

Description
A vulnerability in of Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to cause the device to unexpectedly reload, causing a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the CLI prompt. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-04
Last Modified
2026-04-28
Generated
2026-06-16
AI Q&A
2026-03-04
EPSS Evaluated
2026-06-15
NVD
CVE-2026-20064
EUVD
EUVD-2026-9483
Affected Vendors & Products
Showing 76 associated CPEs
Vendor Product Version / Range
cisco firepower_threat_defense_software 6.2.3
cisco firepower_threat_defense_software 6.4.0
cisco firepower_threat_defense_software 6.4.0.1
cisco firepower_threat_defense_software 6.4.0.3
cisco firepower_threat_defense_software 6.4.0.2
cisco firepower_threat_defense_software 6.4.0.4
cisco firepower_threat_defense_software 6.4.0.5
cisco firepower_threat_defense_software 6.4.0.6
cisco firepower_threat_defense_software 6.4.0.7
cisco firepower_threat_defense_software 6.4.0.8
cisco firepower_threat_defense_software 6.4.0.9
cisco firepower_threat_defense_software 6.4.0.10
cisco firepower_threat_defense_software 6.4.0.11
cisco firepower_threat_defense_software 6.4.0.12
cisco firepower_threat_defense_software 6.4.0.13
cisco firepower_threat_defense_software 6.4.0.14
cisco firepower_threat_defense_software 6.4.0.15
cisco firepower_threat_defense_software 6.4.0.16
cisco firepower_threat_defense_software 6.4.0.17
cisco firepower_threat_defense_software 7.0.0
cisco firepower_threat_defense_software 7.0.0.1
cisco firepower_threat_defense_software 7.0.1
cisco firepower_threat_defense_software 7.0.1.1
cisco firepower_threat_defense_software 7.0.2
cisco firepower_threat_defense_software 7.0.2.1
cisco firepower_threat_defense_software 7.0.3
cisco firepower_threat_defense_software 7.0.4
cisco firepower_threat_defense_software 7.0.5
cisco firepower_threat_defense_software 7.0.6
cisco firepower_threat_defense_software 7.0.6.1
cisco firepower_threat_defense_software 7.1.0
cisco firepower_threat_defense_software 7.1.0.1
cisco firepower_threat_defense_software 7.1.0.2
cisco firepower_threat_defense_software 7.1.0.3
cisco firepower_threat_defense_software 7.2.0
cisco firepower_threat_defense_software 7.2.0.1
cisco firepower_threat_defense_software 7.2.1
cisco firepower_threat_defense_software 7.2.2
cisco firepower_threat_defense_software 7.2.3
cisco firepower_threat_defense_software 7.2.4
cisco firepower_threat_defense_software 7.2.4.1
cisco firepower_threat_defense_software 7.2.5
cisco firepower_threat_defense_software 7.2.5.1
cisco firepower_threat_defense_software 7.3.0
cisco firepower_threat_defense_software 7.3.1
cisco firepower_threat_defense_software 7.3.1.1
cisco firepower_threat_defense_software 7.4.0
cisco firepower_threat_defense_software 7.4.1
cisco firepower_threat_defense_software 7.4.1.1
cisco firepower_threat_defense_software 7.3.1.2
cisco firepower_threat_defense_software 7.2.8.1
cisco firepower_threat_defense_software 7.2.8
cisco firepower_threat_defense_software 7.2.5.2
cisco firepower_threat_defense_software 7.2.7
cisco firepower_threat_defense_software 7.2.6
cisco firepower_threat_defense_software 7.0.6.2
cisco firepower_threat_defense_software 6.4.0.18
cisco firepower_threat_defense_software 7.4.2
cisco firepower_threat_defense_software 7.0.6.3
cisco firepower_threat_defense_software 7.0.7
cisco firepower_threat_defense_software 7.0.8
cisco firepower_threat_defense_software 7.0.8.1
cisco firepower_threat_defense_software 7.2.9
cisco firepower_threat_defense_software 7.4.2.1
cisco firepower_threat_defense_software 7.4.2.2
cisco firepower_threat_defense_software 7.4.2.3
cisco firepower_threat_defense_software 7.4.2.4
cisco firepower_threat_defense_software 7.6.0
cisco firepower_threat_defense_software 7.7.0
cisco firepower_threat_defense_software 7.2.10
cisco firepower_threat_defense_software 7.2.10.2
cisco firepower_threat_defense_software 7.6.1
cisco firepower_threat_defense_software 7.6.2
cisco firepower_threat_defense_software 7.6.2.1
cisco firepower_threat_defense_software 7.7.10
cisco firepower_threat_defense_software 7.7.10.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Detection Guidance

I don't know

Mitigation Strategies

I don't know

Compliance Impact

I don't know

Executive Summary

This vulnerability exists in Cisco Secure Firewall Threat Defense (FTD) Software and allows an authenticated local attacker with low privileges to cause the device to unexpectedly reload.

The issue arises from improper validation of user-supplied input, which can be exploited by using specially crafted commands at the command-line interface (CLI) prompt.

Successful exploitation results in the device reloading unexpectedly, leading to a denial of service (DoS) condition.

Impact Analysis

The primary impact of this vulnerability is a denial of service (DoS) condition on the affected Cisco Secure Firewall Threat Defense device.

An attacker with low-privileged access can cause the device to reload unexpectedly, which can disrupt network security operations and potentially cause downtime.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-20064. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart