
[CIVN-2026-0121] Multiple Vulnerabilities in CISCO
Indian Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: HIGH
Software Affected
Cisco Secure Firewall ASA Software
Overview
Multiple vulnerabilities have been reported in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, including in the handling of embryonic connection limits. They could allow an unauthenticated, remote attacker to cause incoming TCP SYN packets to be dropped incorrectly, or a local attacker with administrative privileges in one context to copy files to or from another context, including configuration files.
Target Audience:
All IT administrators and individuals responsible for maintaining and updating the affected software.
Risk Assessment:
High risk of data manipulation and service disruption.
Impact Assessment:
Potential impact on confidentiality, integrity, and availability of the system.
Description
1. Denial of Service Vulnerability (CVE-2026-20082)
This vulnerability exists due to improper handling of new, incoming TCP connections that are destined to management or data interfaces when the device is under a TCP SYN flood attack. An attacker could exploit this vulnerability by sending a crafted stream of traffic to an affected device.
Successful exploitation of this vulnerability could allow the attacker to prevent all incoming TCP connections to the device from being established, including remote management access, Remote Access VPN (RAVPN) connections, and all network protocols that are TCP-based. This results in a denial of service (DoS) condition for affected features.
2. Unauthorized File Access Vulnerability (CVE-2026-20062)
This vulnerability exists due to improper access controls for Secure Copy Protocol (SCP) operations when the Cisco SSH stack is enabled. An attacker could exploit this vulnerability by authenticating to a non-admin context of the device and issuing crafted SCP copy commands in that non-admin context.
Successful exploitation of this vulnerability could allow the attacker to read, create, or overwrite sensitive files that belong to another context, including the admin and system contexts.
Solution
Apply the appropriate updates as mentioned in the Cisco advisories:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-FCvLD6vR
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-scpcxt-filecpy-rgeP73nE
Vendor Information
CISCO
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-FCvLD6vR
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-scpcxt-filecpy-rgeP73nE
CVE Name
CVE-2026-20082
CVE-2026-20062
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax : 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003


