CVE-2026-20064 | THREATINT

Description

A vulnerability in of Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to cause the device to unexpectedly reload, causing a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the CLI prompt. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

PUBLISHED Reserved 2025-10-08 | Published 2026-03-04 | Updated 2026-03-04 | Assigner cisco

MEDIUM: 6.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Problem types

NULL Pointer Dereference

Product status

6.4.0

affected

6.4.0.1

affected

6.4.0.3

affected

6.4.0.2

affected

6.4.0.4

affected

6.4.0.5

affected

6.4.0.6

affected

6.4.0.7

affected

6.4.0.8

affected

6.4.0.9

affected

6.4.0.10

affected

6.4.0.11

affected

6.4.0.12

affected

6.4.0.13

affected

6.4.0.14

affected

6.4.0.15

affected

6.4.0.16

affected

6.4.0.17

affected

6.4.0.18

affected

7.0.0

affected

7.0.0.1

affected

7.0.1

affected

7.0.1.1

affected

7.0.2

affected

7.0.2.1

affected

7.0.3

affected

7.0.4

affected

7.0.5

affected

7.0.6

affected

7.0.6.1

affected

7.0.6.2

affected

7.0.6.3

affected

7.0.7

affected

7.0.8

affected

7.0.8.1

affected

7.1.0

affected

7.1.0.1

affected

7.1.0.2

affected

7.1.0.3

affected

7.2.0

affected

7.2.0.1

affected

7.2.1

affected

7.2.2

affected

7.2.3

affected

7.2.4

affected

7.2.4.1

affected

7.2.5

affected

7.2.5.1

affected

7.2.6

affected

7.2.7

affected

7.2.5.2

affected

7.2.8

affected

7.2.8.1

affected

7.2.9

affected

7.2.10

affected

7.2.10.2

affected

7.3.0

affected

7.3.1

affected

7.3.1.1

affected

7.3.1.2

affected

7.4.0

affected

7.4.1

affected

7.4.1.1

affected

7.4.2

affected

7.4.2.1

affected

7.4.2.2

affected

7.4.2.3

affected

7.4.2.4

affected

7.6.0

affected

7.6.1

affected

7.6.2

affected

7.6.2.1

affected

7.7.0

affected

7.7.10

affected

7.7.10.1

affected

References

sec.cloudapps.cisco.com/...ory/cisco-sa-ftd-cmd-inj-mTzGZexf (cisco-sa-ftd-cmd-inj-mTzGZexf)

cve.org (CVE-2026-20064)

nvd.nist.gov (CVE-2026-20064)

Download JSON