Cisco ASA/FTD: Cluster Replication RMEM Bypass (CVE-2026-20073)
CVE-2026-20073 Published on March 4, 2026
Cisco Secure Firewall Adaptive Security Appliance Software and Cisco Secure Firewall Threat Defense Software Access Control List Bypass Vulnerability
A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to send traffic that should be denied through an affected device.
This vulnerability is due to improper error handling when an affected device that is joining a cluster runs out of memory while replicating access control rules. An attacker could exploit this vulnerability by sending traffic that should be blocked through the device. A successful exploit could allow the attacker to bypass access controls and reach devices in protected networks.
Vulnerability Analysis
CVE-2026-20073 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, with no impact on integrity, and no impact on availability.
Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
CHANGED
Confidentiality Impact:
NONE
Integrity Impact:
LOW
Availability Impact:
NONE
Weakness Type
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2026-20073 has been classified to as an Authorization vulnerability or weakness.
Products Associated with CVE-2026-20073
Want to know whenever a new CVE is published for Cisco Adaptive Security Appliance? stack.watch will email you.
Affected Versions
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software:- Version 9.12.3 is affected.
- Version 9.12.1 is affected.
- Version 9.12.2 is affected.
- Version 9.12.4 is affected.
- Version 9.12.3.2 is affected.
- Version 9.12.3.7 is affected.
- Version 9.12.2.5 is affected.
- Version 9.12.3.12 is affected.
- Version 9.12.1.3 is affected.
- Version 9.12.2.4 is affected.
- Version 9.12.1.2 is affected.
- Version 9.12.2.9 is affected.
- Version 9.12.3.9 is affected.
- Version 9.12.2.1 is affected.
- Version 9.12.4.2 is affected.
- Version 9.12.4.4 is affected.
- Version 9.12.4.7 is affected.
- Version 9.12.4.8 is affected.
- Version 9.12.4.10 is affected.
- Version 9.12.4.13 is affected.
- Version 9.12.4.18 is affected.
- Version 9.12.4.24 is affected.
- Version 9.16.1 is affected.
- Version 9.12.4.26 is affected.
- Version 9.16.1.28 is affected.
- Version 9.12.4.29 is affected.
- Version 9.16.2 is affected.
- Version 9.12.4.30 is affected.
- Version 9.16.2.3 is affected.
- Version 9.12.4.35 is affected.
- Version 9.16.2.7 is affected.
- Version 9.12.4.37 is affected.
- Version 9.17.1 is affected.
- Version 9.16.2.11 is affected.
- Version 9.16.2.13 is affected.
- Version 9.12.4.39 is affected.
- Version 9.12.4.38 is affected.
- Version 9.16.2.14 is affected.
- Version 9.17.1.7 is affected.
- Version 9.12.4.40 is affected.
- Version 9.16.3.3 is affected.
- Version 9.16.3 is affected.
- Version 9.16.3.14 is affected.
- Version 9.17.1.9 is affected.
- Version 9.12.4.41 is affected.
- Version 9.17.1.10 is affected.
- Version 9.18.1 is affected.
- Version 9.12.4.47 is affected.
- Version 9.16.3.15 is affected.
- Version 9.18.1.3 is affected.
- Version 9.17.1.11 is affected.
- Version 9.12.4.48 is affected.
- Version 9.18.2 is affected.
- Version 9.16.3.19 is affected.
- Version 9.17.1.13 is affected.
- Version 9.12.4.50 is affected.
- Version 9.17.1.15 is affected.
- Version 9.12.4.52 is affected.
- Version 9.16.3.23 is affected.
- Version 9.18.2.5 is affected.
- Version 9.16.4 is affected.
- Version 9.12.4.54 is affected.
- Version 9.17.1.20 is affected.
- Version 9.18.2.7 is affected.
- Version 9.19.1 is affected.
- Version 9.16.4.9 is affected.
- Version 9.12.4.55 is affected.
- Version 9.18.2.8 is affected.
- Version 9.16.4.14 is affected.
- Version 9.18.3 is affected.
- Version 9.19.1.5 is affected.
- Version 9.12.4.56 is affected.
- Version 9.17.1.30 is affected.
- Version 9.19.1.9 is affected.
- Version 9.18.3.39 is affected.
- Version 9.16.4.19 is affected.
- Version 9.12.4.58 is affected.
- Version 9.19.1.12 is affected.
- Version 9.18.3.46 is affected.
- Version 9.16.4.27 is affected.
- Version 9.19.1.18 is affected.
- Version 9.18.3.53 is affected.
- Version 9.18.3.55 is affected.
- Version 9.16.4.38 is affected.
- Version 9.17.1.33 is affected.
- Version 9.12.4.62 is affected.
- Version 9.16.4.39 is affected.
- Version 9.18.3.56 is affected.
- Version 9.20.1 is affected.
- Version 9.16.4.42 is affected.
- Version 9.19.1.22 is affected.
- Version 9.18.4 is affected.
- Version 9.20.1.5 is affected.
- Version 9.18.4.5 is affected.
- Version 9.19.1.24 is affected.
- Version 9.16.4.48 is affected.
- Version 9.18.4.8 is affected.
- Version 9.20.2 is affected.
- Version 9.19.1.27 is affected.
- Version 9.12.4.65 is affected.
- Version 9.16.4.55 is affected.
- Version 9.18.4.22 is affected.
- Version 9.20.2.10 is affected.
- Version 9.16.4.57 is affected.
- Version 9.19.1.28 is affected.
- Version 9.17.1.39 is affected.
- Version 9.12.4.67 is affected.
- Version 9.18.4.24 is affected.
- Version 9.20.2.21 is affected.
- Version 9.16.4.61 is affected.
- Version 9.19.1.31 is affected.
- Version 9.18.4.29 is affected.
- Version 9.20.2.22 is affected.
- Version 9.16.4.62 is affected.
- Version 9.18.4.34 is affected.
- Version 9.20.3 is affected.
- Version 9.16.4.67 is affected.
- Version 9.16.4.70 is affected.
- Version 9.18.4.40 is affected.
- Version 9.23.1 is affected.
- Version 9.22.1.1 is affected.
- Version 9.16.4.71 is affected.
- Version 9.20.3.4 is affected.
- Version 9.18.4.47 is affected.
- Version 9.20.3.7 is affected.
- Version 9.17.1.45 is affected.
- Version 9.19.1.37 is affected.
- Version 9.17.1.46 is affected.
- Version 9.16.4.76 is affected.
- Version 9.20.3.9 is affected.
- Version 9.19.1.38 is affected.
- Version 9.18.4.50 is affected.
- Version 9.22.1.3 is affected.
- Version 9.20.3.10 is affected.
- Version 9.22.1.2 is affected.
- Version 9.18.4.52 is affected.
- Version 9.20.3.13 is affected.
- Version 9.22.1.6 is affected.
- Version 9.18.4.53 is affected.
- Version 9.16.4.82 is affected.
- Version 9.22.2 is affected.
- Version 9.20.3.16 is affected.
- Version 9.19.1.42 is affected.
- Version 9.18.4.57 is affected.
- Version 9.16.4.84 is affected.
- Version 9.23.1.3 is affected.
- Version 9.20.3.20 is affected.
- Version 9.22.2.4 is affected.
- Version 9.23.1.7 is affected.
- Version 9.20.4 is affected.
- Version 9.22.2.9 is affected.
- Version 9.23.1.13 is affected.
- Version 9.20.4.7 is affected.
- Version 9.22.2.13 is affected.
- Version 9.18.4.66 is affected.
- Version 9.20.4.10 is affected.
- Version 9.23.1.19 is affected.
- Version 9.18.4.67 is affected.
- Version 9.18.4.68 is affected.
- Version 6.4.0.1 is affected.
- Version 6.4.0.2 is affected.
- Version 6.4.0.5 is affected.
- Version 6.4.0 is affected.
- Version 6.4.0.3 is affected.
- Version 6.4.0.4 is affected.
- Version 6.4.0.6 is affected.
- Version 6.4.0.7 is affected.
- Version 6.4.0.8 is affected.
- Version 6.4.0.9 is affected.
- Version 6.4.0.10 is affected.
- Version 6.4.0.11 is affected.
- Version 6.4.0.12 is affected.
- Version 7.0.0 is affected.
- Version 7.0.0.1 is affected.
- Version 7.0.1 is affected.
- Version 7.1.0 is affected.
- Version 6.4.0.13 is affected.
- Version 7.0.1.1 is affected.
- Version 6.4.0.14 is affected.
- Version 7.1.0.1 is affected.
- Version 7.0.2 is affected.
- Version 6.4.0.15 is affected.
- Version 7.2.0 is affected.
- Version 7.0.2.1 is affected.
- Version 7.0.3 is affected.
- Version 7.1.0.2 is affected.
- Version 7.2.0.1 is affected.
- Version 7.0.4 is affected.
- Version 7.2.1 is affected.
- Version 7.0.5 is affected.
- Version 6.4.0.16 is affected.
- Version 7.3.0 is affected.
- Version 7.2.2 is affected.
- Version 7.2.3 is affected.
- Version 7.3.1 is affected.
- Version 7.1.0.3 is affected.
- Version 7.2.4 is affected.
- Version 7.0.6 is affected.
- Version 7.2.5 is affected.
- Version 7.2.4.1 is affected.
- Version 7.3.1.1 is affected.
- Version 7.4.0 is affected.
- Version 6.4.0.17 is affected.
- Version 7.0.6.1 is affected.
- Version 7.2.5.1 is affected.
- Version 7.4.1 is affected.
- Version 7.2.6 is affected.
- Version 7.0.6.2 is affected.
- Version 7.4.1.1 is affected.
- Version 6.4.0.18 is affected.
- Version 7.2.7 is affected.
- Version 7.2.5.2 is affected.
- Version 7.3.1.2 is affected.
- Version 7.2.8 is affected.
- Version 7.6.0 is affected.
- Version 7.4.2 is affected.
- Version 7.2.8.1 is affected.
- Version 7.0.6.3 is affected.
- Version 7.4.2.1 is affected.
- Version 7.2.9 is affected.
- Version 7.0.7 is affected.
- Version 7.7.0 is affected.
- Version 7.4.2.2 is affected.
- Version 7.2.10 is affected.
- Version 7.6.1 is affected.
- Version 7.4.2.3 is affected.
- Version 7.0.8 is affected.
- Version 7.6.2 is affected.
- Version 7.7.10 is affected.
- Version 7.0.8.1 is affected.
- Version 7.6.2.1 is affected.
- Version 7.7.10.1 is affected.
- Version 7.4.2.4 is affected.
- Version 7.2.10.2 is affected.
Exploit Probability
EPSS
0.05%
Percentile
16.80%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.