CVE-2020-3254

HIGH

Cisco ASA & FTD MGCP Packet Handling Unauthenticated DoS

Title source: llm

Description

Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP) inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerabilities are due to inefficient memory management. An attacker could exploit these vulnerabilities by sending crafted MGCP packets through an affected device. An exploit could allow the attacker to cause memory exhaustion resulting in a restart of an affected device, causing a DoS condition for traffic traversing the device.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH

Scores

CVSS v3 7.5

EPSS 0.0116

EPSS Percentile 78.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-400

Status published

Products (14)

cisco/adaptive_security_appliance_software 9.6 - 9.6.4.34

cisco/asa_5505_firmware 9.10\(1.3\)

cisco/asa_5510_firmware 9.10\(1.3\)

cisco/asa_5512-x_firmware 9.10\(1.3\)

cisco/asa_5515-x_firmware 9.10\(1.3\)

cisco/asa_5520_firmware 9.10\(1.3\)

cisco/asa_5525-x_firmware 9.10\(1.3\)

cisco/asa_5540_firmware 9.10\(1.3\)

cisco/asa_5545-x_firmware 9.10\(1.3\)

cisco/asa_5550_firmware 9.10\(1.3\)

... and 4 more

Published May 06, 2020

Tracked Since Feb 18, 2026