LeakyCreds

CVE-2026-20012 - Vulnerability Analysis

High | CVSS: 8.6

Last Updated: March 26, 2026

Cisco IOS & Secure Firewall - Denial of Service

Published: March 25, 2026 | Updated: March 26, 2026 | Remote Exploitable

Overview

Cisco IOS, IOS XE, Secure Firewall ASA, and Secure FTD Software contain a denial of service vulnerability caused by improper parsing of IKEv2 packets. An unauthenticated remote attacker can trigger memory leaks and cause a device reload or instability. Exploitation requires sending crafted IKEv2 packets.

Severity & Score

Severity: High
CVSS Score: 8.6
EPSS Score: 9.9% (Probability of exploitation in next 30 days)

Impact

Unauthenticated remote attackers can cause device reload or memory exhaustion, leading to denial of service and system instability.

Mitigation

Update to the latest available versions of Cisco IOS, IOS XE, Secure Firewall ASA, and Secure FTD Software.

Social Media Activity (1 post)

TheHackerWire
@thehackerwire
Mar 25, 2026

🟠 CVE-2026-20012 - High (8.6) A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, and Cisco Secure Firewall Threat Defense (FTD) Software could al... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20012/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack


Details

CVE ID: CVE-2026-20012
Severity: High
CVSS Score: 8.6
Type: undefined
Status: unconfirmed
EPSS: 9.9%
Social Posts: 1

CWE

  • CWE-401

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS Score

9.9% (Probability of exploitation in the next 30 days)