CVE-2020-27124

A vulnerability in the SSL/TLS handler of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause the affected device to reload unexpectedly, leading to a denial of service (DoS) condition. The vulnerability is due to improper error handling on established SSL/TLS connections. An attacker could exploit this vulnerability by establishing an SSL/TLS connection with the affected device and then sending a malicious SSL/TLS message within that connection. A successful exploit could allow the attacker to cause the device to reload.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

CVSS

No CVSS.

References

Link	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-dos-7uZWwSEy	Vendor Advisory
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-bLZw4Ctq	Not Applicable
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-rv-routers-xss-K7Z5U6q3	Not Applicable

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.13:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.12:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:::::::*

History

01 Aug 2025, 18:43

Type	Values Removed	Values Added
First Time		Cisco Cisco adaptive Security Appliance Software
CPE		cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.12:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:::::::* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.13:::::::*
CVSS	v2 : ~~unknown~~ v3 : ~~8.6~~	v2 : unknown v3 : unknown
CWE	~~CWE-457~~
References	~~() https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-dos-7uZWwSEy -~~	() https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-dos-7uZWwSEy - Vendor Advisory
References	~~() https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-rv-routers-xss-K7Z5U6q3 -~~	() https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-rv-routers-xss-K7Z5U6q3 - Not Applicable
References	~~() https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-bLZw4Ctq -~~	() https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-bLZw4Ctq - Not Applicable

18 Nov 2024, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-18 16:15

Updated : 2025-08-01 18:43

NVD link : CVE-2020-27124

Mitre link : CVE-2020-27124

JSON object : View

Products Affected

cisco

adaptive_security_appliance_software

CWE

No CWE.

JSON object

Attach tags to CVE-2020-27124

Attach tags to `CVE-2020-27124`