Cisco Secure Firewall ASA and FTD Software Access Control List Bypass Vulnerability

Vulnerability

A vulnerability exists in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software. It allows an unauthenticated, remote attacker to send traffic that should be denied through an affected device. This issue arises from improper error handling when a device joining a cluster runs out of memory while replicating access control rules. Exploitation of this vulnerability could enable an attacker to bypass access controls and access devices in protected networks.

Impact

Exploitation of this vulnerability can lead to unauthorized access to devices in protected networks by bypassing access control lists (ACLs) on the affected device.

Remediation

Cisco has released software updates to address this vulnerability. Instructions for upgrading Cisco Secure FTD devices can be found in the Cisco Secure FMC upgrade guide.

Added: Mar 4, 2026, 6:39 PM
Updated: Mar 4, 2026, 6:39 PM

Vulnerability Rating

Custom Algorithm
spread: 6.8
impact: 0.6
exploitability: 6.6
remediation: 7.7
relevance: 3.5
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.