CVE-2026-20101

EUVD-2026-9440

04.03.2026, 18:16

A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition.

 This vulnerability is due to insufficient error checking when processing SAML messages. An attacker could exploit this vulnerability by sending crafted SAML messages to the SAML service. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	8.6 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Affected Products (NVD)

Vendor	Product	Version
cisco	adaptive_security_appliance_software	9.12.1 ≤ 𝑥 < 9.16.4.85
cisco	adaptive_security_appliance_software	9.17.1 ≤ 𝑥 < 9.18.4.66
cisco	adaptive_security_appliance_software	9.19.1 ≤ 𝑥 < 9.20.4
cisco	adaptive_security_appliance_software	9.22.1.1 ≤ 𝑥 < 9.22.2.4
cisco	adaptive_security_appliance_software	9.23.1 ≤ 𝑥 < 9.23.1.7
cisco	firepower_threat_defense_software	6.4.0 ≤ 𝑥 < 7.0.9
cisco	firepower_threat_defense_software	7.1.0 ≤ 𝑥 < 7.2.11
cisco	firepower_threat_defense_software	7.3.0 ≤ 𝑥 < 7.4.3
cisco	firepower_threat_defense_software	7.6.0 ≤ 𝑥 < 7.6.4
cisco	firepower_threat_defense_software	7.7.0 ≤ 𝑥 < 7.7.11

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-330 - Use of Insufficiently Random Values
The software uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpn-m9sx6MbC