CVE-2026-20101 - Vulnerability Analysis
HighCVSS: 8.6Last Updated: March 4, 2026
Cisco Secure Firewall ASA & Secure FTD - Denial of Service
Published: March 4, 2026Updated: March 4, 2026Remote Exploitable
Overview
Cisco Secure Firewall ASA Software and Secure FTD Software contain a denial of service vulnerability caused by insufficient error checking in SAML 2.0 SSO message processing, letting unauthenticated remote attackers cause device reloads, exploit requires sending crafted SAML messages.
Severity & Score
Severity: High
CVSS Score: 8.6
Impact
Unauthenticated remote attackers can cause device reloads, resulting in denial of service.
Mitigation
Update to the latest available version of Cisco Secure Firewall ASA Software and Secure FTD Software.
Related Resources
Details
- CVE ID
- CVE-2026-20101
- Severity
- High
- CVSS Score
- 8.6
- Type
- denial_of_service
- Status
- new
CWE
- CWE-330
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H