Latest Episode
Cisco Security Flaws: Snort/ASA/FTD/FMC hit by critical unauth RCE plus high‑severity VPN/IPsec crash & reload DoS, context escape, and root file‑write path traversal
Cisco Snort 3 engine bugs can be used to keep “detecting” by repeatedly restarting the detector (medium severity)
An unauthenticated remote attacker could trigger restarts of the Snort 3 Detection Engine across several Cisco products, interrupting packet inspection. Cisco shipped fixes; there are no workarounds. CVEs: CVE-2026-20005, CVE-2026-20065, CVE-2026-20066, CVE-2026-20067, CVE-2026-20068.
Cisco Secure Firewall ASA, FTD IKEv2 IPsec GCM traffic can crash boxes, if you have VPN creds (high severity)
A remote attacker with valid VPN credentials can send crafted GCM-encrypted IKEv2 IPsec traffic that triggers a memory allocation flaw, potentially causing an unexpected reload and service disruption. Updates are available, no workaround. CVE-2026-20049.
Cisco ASA multiple context mode CLI plus SCP can cross context boundaries (high severity)
An authenticated local attacker with admin privileges in a non-admin context could use crafted SCP commands to copy files to or from other contexts when the Cisco SSH stack is enabled, due to improper access controls. This could enable reading, creating, or overwriting sensitive files (including configs) in admin or system contexts, but the attacker must already know exact paths and cannot enumerate files. Fixes are available. CVE-2026-20062.
Cisco ASA can mishandle SYN flood embryonic limits, turning “defense” into self-inflicted DoS (high severity)
An unauthenticated remote attacker can send crafted traffic during a TCP SYN flood that causes TCP SYN packets to be dropped incorrectly, preventing new TCP connections (including management and Remote Access VPN) and creating a denial-of-service condition. Updates are available, no workaround. CVE-2026-20082.
Cisco ASA, FTD VPN web server can be HTTP-requested into a reload (high severity)
An unauthenticated remote attacker can send large volumes of crafted HTTP requests that exploit ineffective memory management in the VPN web server, potentially forcing the device to reload and causing denial of service. Updates are available, no workaround. CVE-2026-20039.
Cisco FMC, FTD sftunnel path traversal can write arbitrary files as root (medium severity)
An authenticated remote attacker with administrative privileges can abuse a path traversal flaw in the sftunnel file synchronization feature to write arbitrary files as root by using a crafted directory path outside the intended location. This could allow creation or replacement of any file on the underlying OS. Updates are available, no workaround. CVE-2026-20018.
Cisco FMC web management interface has unauthenticated RCE via insecure deserialization (critical)
An unauthenticated remote attacker can send a crafted serialized Java object to the FMC web-based management interface and execute arbitrary code with root privileges due to insecure deserialization. Risk is lower if the interface is not exposed to the public internet. Updates are available, no workaround. CVE-2026-20131.
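For defenders triaging the deserialization item above, here is an added example (not from Cisco or from this episode) that flags HTTP request bodies carrying a Java serialization stream header, either raw or base64-encoded. It is a generic indicator of serialized Java data, not a signature for CVE-2026-20131; the function name and the sample bodies are constructed for illustration.

```python
import base64
import re

# Every Java serialization stream begins with magic 0xACED and version 0x0005.
JAVA_MAGIC = b"\xac\xed\x00\x05"

# Base64 of those four bytes always starts with "rO0AB", but that prefix alone
# also matches version bytes 0x04-0x07, so candidates are decoded and re-checked.
B64_CANDIDATE = re.compile(rb"rO0AB[A-Za-z0-9+/_-]{8,}")


def find_java_serialized(body: bytes) -> list[str]:
    """Return the encodings ("raw", "base64") in which the header appears."""
    hits = []
    if JAVA_MAGIC in body:
        hits.append("raw")
    for match in B64_CANDIDATE.finditer(body):
        # Normalise URL-safe base64, then decode only the first 8 characters
        # (6 bytes): enough to confirm the header without padding issues.
        head = match.group(0)[:8].replace(b"-", b"+").replace(b"_", b"/")
        if base64.b64decode(head).startswith(JAVA_MAGIC):
            hits.append("base64")
            break
    return hits


# Constructed request bodies: header plus filler, not real serialized objects.
SAMPLES = {
    "raw": JAVA_MAGIC + b"constructed-filler",
    "b64": b"data=" + base64.b64encode(JAVA_MAGIC + b"constructed-filler"),
    "near_miss": b"token=rO0ABAAAAAAAAAAAA",  # decodes to version 0x0004
    "benign": b'{"user":"alice","action":"login"}',
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(f"{name:10s} -> {find_java_serialized(body)}")
```

A hit on a management interface that has no reason to receive serialized Java objects is worth investigating alongside patch status and interface exposure.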
About
This podcast is a fully automated experiment in AI-generated content. Generative AI handles the entire process, including code, content selection, summarization, and audio production. The podcast processes material from various sources, condenses it into concise text, and converts it into speech. No human intervention is involved in the production process.