Description

A vulnerability in the implementation of the proprietary SSH stack with SSH key-based authentication in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to log in to a Cisco Secure Firewall ASA device and execute commands as a specific user. This vulnerability is due to insufficient validation of user input during the SSH authentication phase. An attacker could exploit this vulnerability by submitting crafted input during SSH authentication to an affected device. A successful exploit could allow the attacker to log in to the device as a specific user without the private SSH key of that user. To exploit this vulnerability, the attacker must possess a valid username and the associated public key. The private key is not required. Notes: Exploitation of this vulnerability does not provide the attacker with root access. The authentication, authorization, and accounting (AAA) configuration command auto-enable is not affected by this vulnerability.  

INFO

Published Date :

2026-03-04T17:06:58.606Z

Last Modified :

2026-03-05T15:49:42.424Z

Source :

cisco
AFFECTED PRODUCTS

The following products are affected by CVE-2026-20009 vulnerability.

Vendors Products
Cisco
  • Adaptive Security Appliance Software
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-20009.

URL Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-keybypass-cr5xPUSf cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact