Cisco Secure Firewall ASA TCP Flood Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software Release 9.20.4.14. The software improperly manages new connections to management or data interfaces during a TCP SYN flood attack, which allows an unauthenticated, remote attacker to disrupt incoming TCP connections. Exploitation of this vulnerability can block all TCP-based connections to the device, including remote management access and Remote Access VPN (RAVPN) connections.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition in which all incoming TCP connections to the device are dropped. The interruption covers remote management access, Remote Access VPN connections, and all TCP-based network protocols, so every one of these features is disrupted at once.

Remediation

Users are advised to upgrade to Cisco Secure Firewall ASA Software Release 9.20.4.19, as this version addresses the vulnerability. For guidance on upgrading, consult the Cisco Secure Firewall ASA Upgrade Guide.

Added: Mar 4, 2026, 6:37 PM
Updated: Mar 4, 2026, 6:37 PM

Vulnerability Rating

Custom Algorithm

spread: 6.8
impact: 2.5
exploitability: 6.3
remediation: 7.7
relevance: 3.5
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.