{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-20064", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2025-10-08T11:59:15.357Z", "datePublished": "2026-03-04T18:36:25.603Z", "dateUpdated": "2026-03-04T19:05:59.053Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2026-03-04T18:36:25.603Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in of Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to cause the device to unexpectedly reload, causing a denial of service (DoS) condition.\r\n\r This vulnerability is due to improper validation of user-supplied input. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the CLI prompt. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."}], "affected": [{"vendor": "Cisco", "product": "Cisco Secure Firewall Threat Defense (FTD) Software", "versions": [{"version": "6.4.0", "status": "affected"}, {"version": "6.4.0.1", "status": "affected"}, {"version": "6.4.0.3", "status": "affected"}, {"version": "6.4.0.2", "status": "affected"}, {"version": "6.4.0.4", "status": "affected"}, {"version": "6.4.0.5", "status": "affected"}, {"version": "6.4.0.6", "status": "affected"}, {"version": "6.4.0.7", "status": "affected"}, {"version": "6.4.0.8", "status": "affected"}, {"version": "6.4.0.9", "status": "affected"}, {"version": "6.4.0.10", "status": "affected"}, {"version": "6.4.0.11", "status": "affected"}, {"version": "6.4.0.12", "status": "affected"}, {"version": "6.4.0.13", "status": "affected"}, {"version": "6.4.0.14", "status": "affected"}, {"version": "6.4.0.15", "status": "affected"}, {"version": "6.4.0.16", "status": "affected"}, {"version": "6.4.0.17", "status": "affected"}, {"version": "6.4.0.18", "status": "affected"}, {"version": "7.0.0", "status": "affected"}, {"version": "7.0.0.1", "status": "affected"}, {"version": "7.0.1", "status": "affected"}, {"version": "7.0.1.1", "status": "affected"}, {"version": "7.0.2", "status": "affected"}, {"version": "7.0.2.1", "status": "affected"}, {"version": "7.0.3", "status": "affected"}, {"version": "7.0.4", "status": "affected"}, {"version": "7.0.5", "status": "affected"}, {"version": "7.0.6", "status": "affected"}, {"version": "7.0.6.1", "status": "affected"}, {"version": "7.0.6.2", "status": "affected"}, {"version": "7.0.6.3", "status": "affected"}, {"version": "7.0.7", "status": "affected"}, {"version": "7.0.8", "status": "affected"}, {"version": "7.0.8.1", "status": "affected"}, {"version": "7.1.0", "status": "affected"}, {"version": "7.1.0.1", "status": "affected"}, {"version": "7.1.0.2", "status": "affected"}, {"version": "7.1.0.3", "status": "affected"}, {"version": "7.2.0", "status": "affected"}, {"version": "7.2.0.1", "status": "affected"}, {"version": "7.2.1", "status": "affected"}, {"version": "7.2.2", "status": "affected"}, {"version": "7.2.3", "status": "affected"}, {"version": "7.2.4", "status": "affected"}, {"version": "7.2.4.1", "status": "affected"}, {"version": "7.2.5", "status": "affected"}, {"version": "7.2.5.1", "status": "affected"}, {"version": "7.2.6", "status": "affected"}, {"version": "7.2.7", "status": "affected"}, {"version": "7.2.5.2", "status": "affected"}, {"version": "7.2.8", "status": "affected"}, {"version": "7.2.8.1", "status": "affected"}, {"version": "7.2.9", "status": "affected"}, {"version": "7.2.10", "status": "affected"}, {"version": "7.2.10.2", "status": "affected"}, {"version": "7.3.0", "status": "affected"}, {"version": "7.3.1", "status": "affected"}, {"version": "7.3.1.1", "status": "affected"}, {"version": "7.3.1.2", "status": "affected"}, {"version": "7.4.0", "status": "affected"}, {"version": "7.4.1", "status": "affected"}, {"version": "7.4.1.1", "status": "affected"}, {"version": "7.4.2", "status": "affected"}, {"version": "7.4.2.1", "status": "affected"}, {"version": "7.4.2.2", "status": "affected"}, {"version": "7.4.2.3", "status": "affected"}, {"version": "7.4.2.4", "status": "affected"}, {"version": "7.6.0", "status": "affected"}, {"version": "7.6.1", "status": "affected"}, {"version": "7.6.2", "status": "affected"}, {"version": "7.6.2.1", "status": "affected"}, {"version": "7.7.0", "status": "affected"}, {"version": "7.7.10", "status": "affected"}, {"version": "7.7.10.1", "status": "affected"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "NULL Pointer Dereference", "type": "cwe", "cweId": "CWE-476"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmd-inj-mTzGZexf", "name": "cisco-sa-ftd-cmd-inj-mTzGZexf"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "source": {"advisory": "cisco-sa-ftd-cmd-inj-mTzGZexf", "discovery": "INTERNAL", "defects": ["CSCwq01526"]}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-04T19:05:49.783559Z", "id": "CVE-2026-20064", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-04T19:05:59.053Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-20064", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-04T19:05:49.783559Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-04T19:05:52.671Z"}}], "cna": {"source": {"defects": ["CSCwq01526"], "advisory": "cisco-sa-ftd-cmd-inj-mTzGZexf", "discovery": "INTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Secure Firewall Threat Defense (FTD) Software", "versions": [{"status": "affected", "version": "6.4.0"}, {"status": "affected", "version": "6.4.0.1"}, {"status": "affected", "version": "6.4.0.3"}, {"status": "affected", "version": "6.4.0.2"}, {"status": "affected", "version": "6.4.0.4"}, {"status": "affected", "version": "6.4.0.5"}, {"status": "affected", "version": "6.4.0.6"}, {"status": "affected", "version": "6.4.0.7"}, {"status": "affected", "version": "6.4.0.8"}, {"status": "affected", "version": "6.4.0.9"}, {"status": "affected", "version": "6.4.0.10"}, {"status": "affected", "version": "6.4.0.11"}, {"status": "affected", "version": "6.4.0.12"}, {"status": "affected", "version": "6.4.0.13"}, {"status": "affected", "version": "6.4.0.14"}, {"status": "affected", "version": "6.4.0.15"}, {"status": "affected", "version": "6.4.0.16"}, {"status": "affected", "version": "6.4.0.17"}, {"status": "affected", "version": "6.4.0.18"}, {"status": "affected", "version": "7.0.0"}, {"status": "affected", "version": "7.0.0.1"}, {"status": "affected", "version": "7.0.1"}, {"status": "affected", "version": "7.0.1.1"}, {"status": "affected", "version": "7.0.2"}, {"status": "affected", "version": "7.0.2.1"}, {"status": "affected", "version": "7.0.3"}, {"status": "affected", "version": "7.0.4"}, {"status": "affected", "version": "7.0.5"}, {"status": "affected", "version": "7.0.6"}, {"status": "affected", "version": "7.0.6.1"}, {"status": "affected", "version": "7.0.6.2"}, {"status": "affected", "version": "7.0.6.3"}, {"status": "affected", "version": "7.0.7"}, {"status": "affected", "version": "7.0.8"}, {"status": "affected", "version": "7.0.8.1"}, {"status": "affected", "version": "7.1.0"}, {"status": "affected", "version": "7.1.0.1"}, {"status": "affected", "version": "7.1.0.2"}, {"status": "affected", "version": "7.1.0.3"}, {"status": "affected", "version": "7.2.0"}, {"status": "affected", "version": "7.2.0.1"}, {"status": "affected", "version": "7.2.1"}, {"status": "affected", "version": "7.2.2"}, {"status": "affected", "version": "7.2.3"}, {"status": "affected", "version": "7.2.4"}, {"status": "affected", "version": "7.2.4.1"}, {"status": "affected", "version": "7.2.5"}, {"status": "affected", "version": "7.2.5.1"}, {"status": "affected", "version": "7.2.6"}, {"status": "affected", "version": "7.2.7"}, {"status": "affected", "version": "7.2.5.2"}, {"status": "affected", "version": "7.2.8"}, {"status": "affected", "version": "7.2.8.1"}, {"status": "affected", "version": "7.2.9"}, {"status": "affected", "version": "7.2.10"}, {"status": "affected", "version": "7.2.10.2"}, {"status": "affected", "version": "7.3.0"}, {"status": "affected", "version": "7.3.1"}, {"status": "affected", "version": "7.3.1.1"}, {"status": "affected", "version": "7.3.1.2"}, {"status": "affected", "version": "7.4.0"}, {"status": "affected", "version": "7.4.1"}, {"status": "affected", "version": "7.4.1.1"}, {"status": "affected", "version": "7.4.2"}, {"status": "affected", "version": "7.4.2.1"}, {"status": "affected", "version": "7.4.2.2"}, {"status": "affected", "version": "7.4.2.3"}, {"status": "affected", "version": "7.4.2.4"}, {"status": "affected", "version": "7.6.0"}, {"status": "affected", "version": "7.6.1"}, {"status": "affected", "version": "7.6.2"}, {"status": "affected", "version": "7.6.2.1"}, {"status": "affected", "version": "7.7.0"}, {"status": "affected", "version": "7.7.10"}, {"status": "affected", "version": "7.7.10.1"}]}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmd-inj-mTzGZexf", "name": "cisco-sa-ftd-cmd-inj-mTzGZexf"}], "descriptions": [{"lang": "en", "value": "A vulnerability in of Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to cause the device to unexpectedly reload, causing a denial of service (DoS) condition.\r\n\r This vulnerability is due to improper validation of user-supplied input. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the CLI prompt. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-476", "description": "NULL Pointer Dereference"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2026-03-04T18:36:25.603Z"}}}, "cveMetadata": {"cveId": "CVE-2026-20064", "state": "PUBLISHED", "dateUpdated": "2026-03-04T19:05:59.053Z", "dateReserved": "2025-10-08T11:59:15.357Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2026-03-04T18:36:25.603Z", "assignerShortName": "cisco"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "02DB8AC0-A41E-41E8-BCBC-459C83347116", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "8BDAB447-1F2C-4983-89B2-E723A82BCD71", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "1A0AB352-A4ED-4DF0-B749-84078DA48FA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF3B749B-2EFB-4734-B775-180A6E8627FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "54006F46-95F3-4785-9660-C1DF21789783", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "C61B2F7C-195B-4DBF-8C3C-0F269E56CEC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "C35A81B4-FC1D-4E28-8235-7DAD7F1B1C43", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "C62E1E33-480B-44C7-8155-EF725ACE7A5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "01831166-3C2C-48CC-A8DE-EEE631349C4F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "F5107E77-57C9-4C7B-A974-BAF6F01BCA12", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "1ED851EA-1BDF-4D88-83E8-53B14F7C1FF4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "279C2F98-E719-413A-A284-5AE1B28171CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "CBA2A3A4-12A9-4280-980E-B6D932185AEE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "5665319D-5532-4F03-8F12-4F98C5548023", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "5994E2A7-118C-4E08-AF03-4F2409E55AEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "6A7844A0-5EF6-4AD6-ACB8-E01D8579AC93", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "6CD8A9AC-3FD8-4B30-8785-B541ADC4EDEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "298441F6-BAB5-4116-BEAF-DEFB75A52CBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "63E08CFF-68F5-45E6-B6F3-D111D33C5E2A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "F58348A7-25EC-4023-B4CA-CAB35A3798C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DDE321FE-9034-4E0F-9A32-D41443A9D86A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "09E779C6-2740-47A1-A6D5-E22C6DC7D1CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E794B83A-4A14-431C-B882-578CD70E412B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "292E681D-D4C0-4D85-B84C-4C9328FCD12F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "963A59C5-6EC0-4BAD-B547-EFA785707050", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "5F1551BB-37A4-4383-8AA8-DA25642B7353", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "88B6632C-4A35-4D10-B323-8C3266319114", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "638D2739-FAA7-4880-BC2F-BC632140E9DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "40098313-CC8A-49E6-8095-093881DA7107", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "C00C3A8F-34AE-443E-9B77-0532C9F11F1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "01F32FDA-54ED-4117-8FA7-D749140F628F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B8BA96B9-A0DD-4065-A295-FA85A33F7E84", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "04BF5898-73CB-480B-9D6E-B6A7696A6140", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D7991D4E-57F8-48A6-A098-C70107C87F80", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "A1D2BF71-1104-477A-B15F-3A959D46ABFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "89A7BB35-0AA6-403A-8D96-80FA61F13A77", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B07AA16A-6DE0-4226-8A44-CDA8E26830D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "8B7AC5D5-B171-4163-BFB3-02163DD8817B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "31AD8591-C99A-4780-A742-13CFD921F46A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "173C2DA6-625C-465C-A080-E578539E30F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8288F62-8BEC-4318-8096-9D36817D1D80", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A617690D-92D7-4793-AEAC-15F31162D5F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F9608894-B4A7-49A1-863A-D44E53D6CE69", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "3FDB77ED-AB5E-475F-A5F8-515B807E99A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "0BEE0323-AC5A-4570-9681-14CD9FB8FD46", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "F6773BC9-C84C-4249-B6C3-FD39BAAA0555", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "A4DFC6F7-2BA1-4F32-AD55-8BF0888FDB92", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "291705AE-7BAE-4305-BECA-204821BF467A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "FC683581-4B46-46A8-BBD8-CB01283641DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "CC2A816A-63D6-498B-B167-BE71F0019DB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "294D71C7-FFC3-4431-88AA-E03EFAE78CCE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "FA8287D0-B817-4143-BE34-B3C7FEC7BDEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "9621C619-C4F8-4906-8A24-E560C08F6921", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "BB7F9C8B-35E4-459C-B31E-FCF2DAD0120E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "CB73C40D-5A5A-4851-BEFA-71CA2865EE00", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "A9AD9D74-FDDF-443D-8193-E4B5B28CC815", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "BACA483F-52CE-4F10-8D95-F93C8C8D16F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "8AF82E95-C8D3-402B-BC97-29EA1771D5EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "0350CCE9-512A-4A77-8FAB-7A8F9B061170", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3CC55E28-36AC-4D40-BB6D-A1B53503F5E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "66F0A624-DDE8-490C-9DA4-762CD39764B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "901C034C-DDA4-49E1-B8B4-62F3B5C00173", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D094896F-425A-4E69-8941-41147222C42D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "30825677-8EF7-46A0-BB47-887707E007C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "C3DF5D18-28B3-45C8-A10A-56BB1202C5A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "7BC61767-2E32-409B-9A5E-DFE2895D2DD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "F80A4394-4E2B-4166-BA37-8FB03D1E2ACD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "7AB8A3CA-D333-44D4-BA5A-5F966B8EFFBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "6D3E5582-8D7C-4250-BFCA-B87973521E23", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "48F33ECC-CAFC-4F7C-9A64-5A536D76F67F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "5A995725-A2C1-4461-AB71-1ECD26AFBB9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0C7DB8C1-6C50-43E8-AC70-ED3C4EB62D8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D7C4FC5F-B68F-4ADA-AD3B-06A530619C10", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "5831F9A4-E89F-4927-B332-CB9D23CD5907", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "899C69AD-93AC-4707-BF1D-55EDB6EEF7C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.7.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "A0E44D44-8D4D-4B1F-9D00-CCD68B5D3415", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in of Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to cause the device to unexpectedly reload, causing a denial of service (DoS) condition.\r\n\r This vulnerability is due to improper validation of user-supplied input. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the CLI prompt. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."}, {"lang": "es", "value": "Una vulnerabilidad en el software Cisco Secure Cortafuegos Defensa contra Amenazas (FTD) podr\u00eda permitir a un atacante local autenticado que el dispositivo se reinicie inesperadamente, causando una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada proporcionada por el usuario. Un atacante con una cuenta de bajo privilegio podr\u00eda explotar esta vulnerabilidad utilizando comandos manipulados en la l\u00ednea de comandos (CLI). Un exploit exitoso podr\u00eda permitir al atacante que el dispositivo se reinicie, lo que resultar\u00eda en una condici\u00f3n de DoS."}], "id": "CVE-2026-20064", "lastModified": "2026-04-28T21:17:43.850", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 4.0, "source": "psirt@cisco.com", "type": "Primary"}]}, "published": "2026-03-04T19:16:16.003", "references": [{"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmd-inj-mTzGZexf"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "psirt@cisco.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "6.4.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.0.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.0.3"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.0.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.0.4"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.0.5"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.0.6"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.0.7"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.0.8"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.0.9"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.0.10"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.0.11"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.0.12"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.0.13"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.0.14"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.0.15"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.0.16"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.0.17"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.0.18"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.0.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.0.0.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.0.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.0.1.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.0.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.0.2.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.0.3"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.0.4"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.0.5"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.0.6"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.0.6.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.0.6.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.0.6.3"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.0.7"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.0.8"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.0.8.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.1.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.1.0.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.1.0.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.1.0.3"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.2.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.2.0.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.2.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.2.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.2.3"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.2.4"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.2.4.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.2.5"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.2.5.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.2.6"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.2.7"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.2.5.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.2.8"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.2.8.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.2.9"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.2.10"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.2.10.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.3.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.3.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.3.1.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.3.1.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.4.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.4.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.4.1.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.4.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.4.2.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.4.2.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.4.2.3"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.4.2.4"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.6.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.6.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.6.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.6.2.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.7.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "7.7.10"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.7.10.1"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "Cisco Secure Firewall Threat Defense (FTD) Software", "source": "cna", "vendor": "Cisco"}, "product": "secure_firewall_threat_defense", "vendor": "cisco"}], "analysis": {"en": {"generated_at": "2026-04-16T13:11:40.196363+00:00", "value": {"mitigation_remediation": ["Apply the most recent Cisco Secure Firewall Threat Defense software update that contains the command\u2011injection fix.", "Restrict CLI access to users with administrative roles only, removing or disabling low\u2011privilege accounts that can enter commands.", "Configure monitoring to detect abnormal reload events and set up alerts for unexpected restarts."], "summary": {"action": "Patch", "impact": "Denial of Service via device reload"}, "threat_synthesis": {"affected_systems": "Cisco\u2019s Secure Firewall Threat Defense (FTD) Software is affected. No specific version range is listed in the advisory, so the scope of vulnerable releases is presently unknown.", "description_and_impact": "A flaw in Cisco Secure Firewall Threat Defense Software allows an authenticated local user to send crafted commands through the command\u2011line interface, causing the device to unexpectedly reload and resulting in a denial\u2011of\u2011service condition. The weakness is rooted in improper input validation, and it is classified as CWE\u2011476.", "risk_and_exploitability": "The CVSS base score of 6.5 indicates moderate severity, and the EPSS score of less than 1% suggests a currently low exploitation probability. The vulnerability requires an authenticated local user with low privileges; no remote or unauthenticated access is needed. Because the device can be forced to reload, an attacker could disrupt firewall operations, leading to a temporary denial of service for the protected network."}}}}, "created": "2026-03-05T09:05:59.275471+00:00", "title": "Local Command Injection Leading to Device Reload and DoS", "updated": "2026-04-16T13:15:06.230280+00:00", "vendors": ["cisco", "cisco$PRODUCT$secure_firewall_threat_defense"]}