Description
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker must have the OSPF secret key.

This vulnerability is due to heap corruption in OSPF when parsing packets. An attacker could exploit this vulnerability by sending crafted packets to the OSPF service. A successful exploit could allow the attacker to corrupt the heap, causing the affected device to reload, resulting in a DoS condition.
Published: 2026-03-04
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service (Device Restart)
Action: Patch ASAP
AI Analysis

Impact

A flaw in the OSPF implementation of Cisco Secure Firewall ASA and FTD software leads to heap corruption when parsing OSPF packets. Crafted packets trigger a memory-buffer bounds error (CWE-119) in the parser. Successful exploitation causes the device to reload unexpectedly, resulting in a denial-of-service condition. The attacker must possess the OSPF secret key, so this is an authenticated vulnerability.

Affected Systems

Affected products include Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software. Specific versions are not enumerated in the advisory, so all currently deployed releases may be impacted until Cisco releases a patch.

Risk and Exploitability

The CVSS v3.1 score of 6.8 classifies the issue as medium severity, while the EPSS score of less than 1% indicates a very low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. An attacker would need to be on an adjacent network segment and possess OSPF authentication credentials to send the malicious OSPF packets, which makes the attack feasible for insiders or compromised neighboring devices.

Generated by OpenCVE AI on April 16, 2026 at 13:12 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the Cisco‑released firmware update that fixes the OSPF heap corruption.
  • Temporarily disable OSPF on the affected device until the patch is applied.
  • Isolate the device from adjacent networks or restrict OSPF traffic pending remediation.

Advisories

No advisories yet.

History

Thu, 16 Apr 2026 13:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Title | | OSPF Heap Corruption Causing Device Restart on Cisco Secure Firewall ASA and FTD |

Thu, 05 Mar 2026 09:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Cisco; Cisco adaptive Security Appliance Software; Cisco secure Firewall Threat Defense |
| Vendors & Products | | Cisco; Cisco adaptive Security Appliance Software; Cisco secure Firewall Threat Defense |

Wed, 04 Mar 2026 22:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'} |


Wed, 04 Mar 2026 19:00:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker must have the OSPF secret key. This vulnerability is due to heap corruption in OSPF when parsing packets. An attacker could exploit this vulnerability by sending crafted packets to the OSPF service. A successful exploit could allow the attacker to corrupt the heap, causing the affected device to reload, resulting in a DoS condition. |
| Weaknesses | | CWE-119 |
| References | | |
| Metrics | | cvssV3_1: {'score': 6.8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H'} |


MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2026-03-04T21:35:32.855Z

Reserved: 2025-10-08T11:59:15.352Z

Link: CVE-2026-20024

Vulnrichment

Updated: 2026-03-04T21:35:29.186Z

NVD

Status: Awaiting Analysis

Published: 2026-03-04T19:16:15.113

Modified: 2026-03-05T19:39:11.967

Link: CVE-2026-20024

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T13:15:06Z

Weaknesses