CVE-2020-3528: Input Validation
First published: Wed Oct 21 2020(Updated: )
A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation when the affected software processes certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this vulnerability by sending a malformed OSPFv2 packet to an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition.
Credit: ykramarz@cisco.com ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Adaptive Security Appliance | <9.6 | |
| Cisco Firepower Threat Defense | <6.3.0.6 | |
| Cisco Firepower Threat Defense | >=6.4.0<6.4.0.10 | |
| Cisco Firepower Threat Defense | >=6.5.0<6.5.0.5 | |
| Cisco Firepower Threat Defense | >=6.6.0<6.6.1 | |
| Cisco Adaptive Security Appliance Software | >=9.8.0<9.8.4.26 | |
| Cisco Adaptive Security Appliance Software | >=9.9.0<9.9.2.80 | |
| Cisco Adaptive Security Appliance Software | >=9.10.0<9.10.1.44 | |
| Cisco Adaptive Security Appliance Software | >=9.12.0<9.12.4.4 | |
| Cisco Adaptive Security Appliance Software | >=9.13.0<9.13.1.13 | |
| Cisco Adaptive Security Appliance Software | >=9.14.0<9.14.1.19 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-3528?
CVE-2020-3528 is a vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software.
What is the severity of CVE-2020-3528?
CVE-2020-3528 has a severity value of 7.5, which is considered high.
How does CVE-2020-3528 affect Cisco devices?
CVE-2020-3528 can allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.
Which software versions are affected by CVE-2020-3528?
Cisco Adaptive Security Appliance (ASA) Software versions up to 9.14.1.19 and Cisco Firepower Threat Defense (FTD) Software versions up to 6.6.1 are affected by CVE-2020-3528.
How can I fix CVE-2020-3528?
To fix CVE-2020-3528, it is recommended to upgrade to a fixed version of Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software.
- collector/nvd-api
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/event
- agent/weakness
- agent/type
- agent/description
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- vendor/cisco
- canonical/cisco adaptive security appliance
- canonical/cisco firepower threat defense
- version/cisco firepower threat defense/6.4.0
- version/cisco firepower threat defense/6.5.0
- version/cisco firepower threat defense/6.6.0
- canonical/cisco adaptive security appliance software
- version/cisco adaptive security appliance software/9.8.0
- version/cisco adaptive security appliance software/9.9.0
- version/cisco adaptive security appliance software/9.10.0
- version/cisco adaptive security appliance software/9.12.0
- version/cisco adaptive security appliance software/9.13.0
- version/cisco adaptive security appliance software/9.14.0