What is CVE-2026-20082?

CVE-2026-20082 is a high-severity vulnerability in Cisco Adaptive_security_appliance_software, classified under Missing Release of Resource after Effective Lifetime. CVSS score: 8.6/10. Published 2026-03-04.

How severe is CVE-2026-20082?

High severity. CVSS v3 base score is 8.6 out of 10.

Vulnerability in Cisco Adaptive_security_appliance_software

CVE-2026-20082

A vulnerability in the handling of the embryonic connection limits in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause incoming TCP SYN packets to be dropped incorrec…

EPSS: 0.002 (36.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H.

Affected products

Cisco Adaptive_security_appliance_software
Cisco Secure Firewall Adaptive Security Appliance (Asa) Software — versions 9.20.4.14

Weakness classification (CWE)

CWE-772 — Missing Release of Resource after Effective Lifetime

References

cisco-sa-asa-dos-FCvLD6vR (Vendor Advisory)

Frequently asked questions

What is CVE-2026-20082?: CVE-2026-20082 is a high-severity vulnerability in Cisco Adaptive_security_appliance_software, classified under Missing Release of Resource after Effective Lifetime. CVSS score: 8.6/10. Published 2026-03-04.
How severe is CVE-2026-20082?: High severity. CVSS v3 base score is 8.6 out of 10.