Description
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker must have the OSPF secret key.

This vulnerability is due to insufficient input validation when processing OSPF link-state update (LSU) packets. An attacker could exploit this vulnerability by sending crafted OSPF LSU packets. A successful exploit could allow the attacker to corrupt the heap, causing the device to reload, resulting in a DoS condition.
Published: 2026-03-04
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Patch ASAP
AI Analysis

Impact

A flaw in how Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software validate OSPF link‑state update packets allows an authenticated, adjacent attacker who possesses the OSPF secret key to craft packets that corrupt the device’s heap. The device then reloads unexpectedly, creating a denial‑of‑service condition. The vulnerability is mapped to CWE‑190 (Integer Overflow or Wraparound) and affects only the availability of the firewall or threat defense device.

Affected Systems

Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software are impacted. The advisory does not disclose specific vulnerable version numbers.

Risk and Exploitability

The vulnerability has a CVSS base score of 6.8, indicating medium severity. The EPSS score is below 1%, a very low but nonzero estimated probability of exploitation. It is not listed in CISA’s KEV catalog, so no confirmed exploitation in the wild is known. To trigger the forced reload and the resulting temporary denial of service, an attacker must be adjacent to the device, possess the OSPF secret key, and send crafted OSPF LSU packets over the adjacent interface.

Generated by OpenCVE AI on April 16, 2026 at 13:11 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the ASA or FTD to a version that contains the fix referenced in the Cisco advisory.
  • If updating immediately is not feasible, disable OSPF on the affected interfaces or remove the OSPF secret key to prevent authenticated attacks.
  • Restrict OSPF adjacencies to trusted hosts and apply network segmentation to limit who can send LSU packets.

Advisories

No advisories yet.

History

Thu, 16 Apr 2026 13:30:00 +0000

Type: Title
Values Removed: (none)
Values Added: OSPF LSU‑Induced Heap Corruption Leading to Reload and DoS in Cisco ASA and FTD

Thu, 05 Mar 2026 09:15:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Cisco; Cisco Adaptive Security Appliance Software; Cisco Secure Firewall Threat Defense

Type: Vendors & Products
Values Removed: (none)
Values Added: Cisco; Cisco Adaptive Security Appliance Software; Cisco Secure Firewall Threat Defense

Wed, 04 Mar 2026 22:15:00 +0000

Type: Metrics
Values Removed: (none)
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 04 Mar 2026 19:00:00 +0000

Type: Description
Values Removed: (none)
Values Added: A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker must have the OSPF secret key. This vulnerability is due to insufficient input validation when processing OSPF link-state update (LSU) packets. An attacker could exploit this vulnerability by sending crafted OSPF LSU packets. A successful exploit could allow the attacker to corrupt the heap, causing the device to reload, resulting in a DoS condition.

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-190

Type: References
Values Added:

Type: Metrics
Values Removed: (none)
Values Added: cvssV3_1 {'score': 6.8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H'}

MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2026-03-04T21:35:13.593Z

Reserved: 2025-10-08T11:59:15.352Z

Link: CVE-2026-20025

Vulnrichment

Updated: 2026-03-04T21:34:59.047Z

NVD

Status: Awaiting Analysis

Published: 2026-03-04T19:16:15.547

Modified: 2026-03-05T19:39:11.967

Link: CVE-2026-20025

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T13:15:06Z
