製品・ソフトウェアに関する情報

JVN脆弱性詳細

シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品における古典的バッファオーバーフローの脆弱性

タイトル	シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品における古典的バッファオーバーフローの脆弱性
概要	Cisco Secure Firewall Adaptive Security Appliance (ASA) ソフトウェアおよび Secure Firewall Threat Defense (FTD) ソフトウェアのリモートアクセス SSL VPN 機能に含まれる LUA インタプリタに脆弱性が存在します。この脆弱性により、有効な VPN 接続を持つ認証済みのリモート攻撃者がデバイスを予期せず再起動させ、サービス拒否（DoS）状態を引き起こす可能性があります。この脆弱性は管理用インターフェースや MUS インターフェースには影響しません。この問題は、LUA インタプリタがユーザー入力を検証せずに信頼していることが原因です。攻撃者は細工された HTTP パケットをリモートアクセス SSL VPN サーバーに送信することで、この脆弱性を悪用できます。成功した攻撃により、攻撃者はデバイスを再起動させて DoS 状態を引き起こすことが可能です。
想定される影響	当該ソフトウェアが扱う情報について、外部への漏えいは発生しません。また、当該ソフトウェアが扱う情報について、書き換えは発生しません。さらに、当該ソフトウェアが完全に停止する可能性があります。そして、この脆弱性を悪用した攻撃により、他のソフトウェアにも影響が及ぶ可能性があります。
対策	正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
公表日	2026年3月4日0:00
登録日	2026年5月7日11:30
最終更新日	2026年5月7日11:30

CVSS3.0 : 重要
スコア	7.7
ベクター	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

影響を受けるシステム

シスコシステムズ

Adaptive Security Appliance (ASA) Software 9.12.1

Adaptive Security Appliance (ASA) Software 9.12.1.2

Adaptive Security Appliance (ASA) Software 9.12.1.3

Adaptive Security Appliance (ASA) Software 9.12.2

Adaptive Security Appliance (ASA) Software 9.12.2.1

Adaptive Security Appliance (ASA) Software 9.12.2.4

Adaptive Security Appliance (ASA) Software 9.12.2.5

Adaptive Security Appliance (ASA) Software 9.12.2.9

Adaptive Security Appliance (ASA) Software 9.12.3

Adaptive Security Appliance (ASA) Software 9.12.3.12

Adaptive Security Appliance (ASA) Software 9.12.3.2

Adaptive Security Appliance (ASA) Software 9.12.3.7

Adaptive Security Appliance (ASA) Software 9.12.3.9

Adaptive Security Appliance (ASA) Software 9.12.4

Adaptive Security Appliance (ASA) Software 9.12.4.10

Adaptive Security Appliance (ASA) Software 9.12.4.13

Adaptive Security Appliance (ASA) Software 9.12.4.18

Adaptive Security Appliance (ASA) Software 9.12.4.2

Adaptive Security Appliance (ASA) Software 9.12.4.24

Adaptive Security Appliance (ASA) Software 9.12.4.26

Adaptive Security Appliance (ASA) Software 9.12.4.29

Adaptive Security Appliance (ASA) Software 9.12.4.30

Adaptive Security Appliance (ASA) Software 9.12.4.35

Adaptive Security Appliance (ASA) Software 9.12.4.37

Adaptive Security Appliance (ASA) Software 9.12.4.38

Adaptive Security Appliance (ASA) Software 9.12.4.39

Adaptive Security Appliance (ASA) Software 9.12.4.4

Adaptive Security Appliance (ASA) Software 9.12.4.40

Adaptive Security Appliance (ASA) Software 9.12.4.41

Adaptive Security Appliance (ASA) Software 9.12.4.47

Adaptive Security Appliance (ASA) Software 9.12.4.48

Adaptive Security Appliance (ASA) Software 9.12.4.50

Adaptive Security Appliance (ASA) Software 9.12.4.52

Adaptive Security Appliance (ASA) Software 9.12.4.54

Adaptive Security Appliance (ASA) Software 9.12.4.55

Adaptive Security Appliance (ASA) Software 9.12.4.56

Adaptive Security Appliance (ASA) Software 9.12.4.58

Adaptive Security Appliance (ASA) Software 9.12.4.62

Adaptive Security Appliance (ASA) Software 9.12.4.65

Adaptive Security Appliance (ASA) Software 9.12.4.67

Adaptive Security Appliance (ASA) Software 9.12.4.7

Adaptive Security Appliance (ASA) Software 9.12.4.8

Adaptive Security Appliance (ASA) Software 9.16.1

Adaptive Security Appliance (ASA) Software 9.16.1.28

Adaptive Security Appliance (ASA) Software 9.16.2

Adaptive Security Appliance (ASA) Software 9.16.2.11

Adaptive Security Appliance (ASA) Software 9.16.2.13

Adaptive Security Appliance (ASA) Software 9.16.2.14

Adaptive Security Appliance (ASA) Software 9.16.2.3

Adaptive Security Appliance (ASA) Software 9.16.2.7

Adaptive Security Appliance (ASA) Software 9.16.3

Adaptive Security Appliance (ASA) Software 9.16.3.14

Adaptive Security Appliance (ASA) Software 9.16.3.15

Adaptive Security Appliance (ASA) Software 9.16.3.19

Adaptive Security Appliance (ASA) Software 9.16.3.23

Adaptive Security Appliance (ASA) Software 9.16.3.3

Adaptive Security Appliance (ASA) Software 9.16.4

Adaptive Security Appliance (ASA) Software 9.16.4.14

Adaptive Security Appliance (ASA) Software 9.16.4.19

Adaptive Security Appliance (ASA) Software 9.16.4.27

Adaptive Security Appliance (ASA) Software 9.16.4.38

Adaptive Security Appliance (ASA) Software 9.16.4.39

Adaptive Security Appliance (ASA) Software 9.16.4.42

Adaptive Security Appliance (ASA) Software 9.16.4.48

Adaptive Security Appliance (ASA) Software 9.16.4.55

Adaptive Security Appliance (ASA) Software 9.16.4.57

Adaptive Security Appliance (ASA) Software 9.16.4.61

Adaptive Security Appliance (ASA) Software 9.16.4.62

Adaptive Security Appliance (ASA) Software 9.16.4.67

Adaptive Security Appliance (ASA) Software 9.16.4.70

Adaptive Security Appliance (ASA) Software 9.16.4.71

Adaptive Security Appliance (ASA) Software 9.16.4.76

Adaptive Security Appliance (ASA) Software 9.16.4.82

Adaptive Security Appliance (ASA) Software 9.16.4.84

Adaptive Security Appliance (ASA) Software 9.16.4.9

Adaptive Security Appliance (ASA) Software 9.17.1

Adaptive Security Appliance (ASA) Software 9.17.1.10

Adaptive Security Appliance (ASA) Software 9.17.1.11

Adaptive Security Appliance (ASA) Software 9.17.1.13

Adaptive Security Appliance (ASA) Software 9.17.1.15

Adaptive Security Appliance (ASA) Software 9.17.1.20

Adaptive Security Appliance (ASA) Software 9.17.1.30

Adaptive Security Appliance (ASA) Software 9.17.1.33

Adaptive Security Appliance (ASA) Software 9.17.1.39

Adaptive Security Appliance (ASA) Software 9.17.1.45

Adaptive Security Appliance (ASA) Software 9.17.1.46

Adaptive Security Appliance (ASA) Software 9.17.1.7

Adaptive Security Appliance (ASA) Software 9.17.1.9

Adaptive Security Appliance (ASA) Software 9.18.1

Adaptive Security Appliance (ASA) Software 9.18.1.3

Adaptive Security Appliance (ASA) Software 9.18.2

Adaptive Security Appliance (ASA) Software 9.18.2.5

Adaptive Security Appliance (ASA) Software 9.18.2.7

Adaptive Security Appliance (ASA) Software 9.18.2.8

Adaptive Security Appliance (ASA) Software 9.18.3

Adaptive Security Appliance (ASA) Software 9.18.3.39

Adaptive Security Appliance (ASA) Software 9.18.3.46

Adaptive Security Appliance (ASA) Software 9.18.3.53

Adaptive Security Appliance (ASA) Software 9.18.3.55

Adaptive Security Appliance (ASA) Software 9.18.3.56

Adaptive Security Appliance (ASA) Software 9.18.4

Adaptive Security Appliance (ASA) Software 9.18.4.22

Adaptive Security Appliance (ASA) Software 9.18.4.24

Adaptive Security Appliance (ASA) Software 9.18.4.29

Adaptive Security Appliance (ASA) Software 9.18.4.34

Adaptive Security Appliance (ASA) Software 9.18.4.40

Adaptive Security Appliance (ASA) Software 9.18.4.47

Adaptive Security Appliance (ASA) Software 9.18.4.5

Adaptive Security Appliance (ASA) Software 9.18.4.50

Adaptive Security Appliance (ASA) Software 9.18.4.52

Adaptive Security Appliance (ASA) Software 9.18.4.53

Adaptive Security Appliance (ASA) Software 9.18.4.57

Adaptive Security Appliance (ASA) Software 9.18.4.8

Adaptive Security Appliance (ASA) Software 9.19.1

Adaptive Security Appliance (ASA) Software 9.19.1.12

Adaptive Security Appliance (ASA) Software 9.19.1.18

Adaptive Security Appliance (ASA) Software 9.19.1.22

Adaptive Security Appliance (ASA) Software 9.19.1.24

Adaptive Security Appliance (ASA) Software 9.19.1.27

Adaptive Security Appliance (ASA) Software 9.19.1.28

Adaptive Security Appliance (ASA) Software 9.19.1.31

Adaptive Security Appliance (ASA) Software 9.19.1.37

Adaptive Security Appliance (ASA) Software 9.19.1.38

Adaptive Security Appliance (ASA) Software 9.19.1.42

Adaptive Security Appliance (ASA) Software 9.19.1.5

Adaptive Security Appliance (ASA) Software 9.19.1.9

Adaptive Security Appliance (ASA) Software 9.20.1

Adaptive Security Appliance (ASA) Software 9.20.1.5

Adaptive Security Appliance (ASA) Software 9.20.2

Adaptive Security Appliance (ASA) Software 9.20.2.10

Adaptive Security Appliance (ASA) Software 9.20.2.21

Adaptive Security Appliance (ASA) Software 9.20.2.22

Adaptive Security Appliance (ASA) Software 9.20.3

Adaptive Security Appliance (ASA) Software 9.20.3.10

Adaptive Security Appliance (ASA) Software 9.20.3.13

Adaptive Security Appliance (ASA) Software 9.20.3.16

Adaptive Security Appliance (ASA) Software 9.20.3.20

Adaptive Security Appliance (ASA) Software 9.20.3.4

Adaptive Security Appliance (ASA) Software 9.20.3.7

Adaptive Security Appliance (ASA) Software 9.20.3.9

Adaptive Security Appliance (ASA) Software 9.22.1.1

Adaptive Security Appliance (ASA) Software 9.22.1.2

Adaptive Security Appliance (ASA) Software 9.22.1.3

Adaptive Security Appliance (ASA) Software 9.22.1.6

Adaptive Security Appliance (ASA) Software 9.22.2

Adaptive Security Appliance (ASA) Software 9.23.1

Adaptive Security Appliance (ASA) Software 9.23.1.3

Firepower Threat Defense (FTD) 6.4.0

Firepower Threat Defense (FTD) 6.4.0.1

Firepower Threat Defense (FTD) 6.4.0.10

Firepower Threat Defense (FTD) 6.4.0.11

Firepower Threat Defense (FTD) 6.4.0.12

Firepower Threat Defense (FTD) 6.4.0.13

Firepower Threat Defense (FTD) 6.4.0.14

Firepower Threat Defense (FTD) 6.4.0.15

Firepower Threat Defense (FTD) 6.4.0.16

Firepower Threat Defense (FTD) 6.4.0.17

Firepower Threat Defense (FTD) 6.4.0.18

Firepower Threat Defense (FTD) 6.4.0.2

Firepower Threat Defense (FTD) 6.4.0.3

Firepower Threat Defense (FTD) 6.4.0.4

Firepower Threat Defense (FTD) 6.4.0.5

Firepower Threat Defense (FTD) 6.4.0.6

Firepower Threat Defense (FTD) 6.4.0.7

Firepower Threat Defense (FTD) 6.4.0.8

Firepower Threat Defense (FTD) 6.4.0.9

Firepower Threat Defense (FTD) 7.0.0

Firepower Threat Defense (FTD) 7.0.0.1

Firepower Threat Defense (FTD) 7.0.1

Firepower Threat Defense (FTD) 7.0.1.1

Firepower Threat Defense (FTD) 7.0.2

Firepower Threat Defense (FTD) 7.0.2.1

Firepower Threat Defense (FTD) 7.0.3

Firepower Threat Defense (FTD) 7.0.4

Firepower Threat Defense (FTD) 7.0.5

Firepower Threat Defense (FTD) 7.0.6

Firepower Threat Defense (FTD) 7.0.6.1

Firepower Threat Defense (FTD) 7.0.6.2

Firepower Threat Defense (FTD) 7.0.6.3

Firepower Threat Defense (FTD) 7.0.7

Firepower Threat Defense (FTD) 7.0.8

Firepower Threat Defense (FTD) 7.0.8.1

Firepower Threat Defense (FTD) 7.1.0

Firepower Threat Defense (FTD) 7.1.0.1

Firepower Threat Defense (FTD) 7.1.0.2

Firepower Threat Defense (FTD) 7.1.0.3

Firepower Threat Defense (FTD) 7.2.0

Firepower Threat Defense (FTD) 7.2.0.1

Firepower Threat Defense (FTD) 7.2.1

Firepower Threat Defense (FTD) 7.2.10

Firepower Threat Defense (FTD) 7.2.10.2

Firepower Threat Defense (FTD) 7.2.2

Firepower Threat Defense (FTD) 7.2.3

Firepower Threat Defense (FTD) 7.2.4

Firepower Threat Defense (FTD) 7.2.4.1

Firepower Threat Defense (FTD) 7.2.5

Firepower Threat Defense (FTD) 7.2.5.1

Firepower Threat Defense (FTD) 7.2.5.2

Firepower Threat Defense (FTD) 7.2.6

Firepower Threat Defense (FTD) 7.2.7

Firepower Threat Defense (FTD) 7.2.8

Firepower Threat Defense (FTD) 7.2.8.1

Firepower Threat Defense (FTD) 7.2.9

Firepower Threat Defense (FTD) 7.3.0

Firepower Threat Defense (FTD) 7.3.1

Firepower Threat Defense (FTD) 7.3.1.1

Firepower Threat Defense (FTD) 7.3.1.2

Firepower Threat Defense (FTD) 7.4.0

Firepower Threat Defense (FTD) 7.4.1

Firepower Threat Defense (FTD) 7.4.1.1

Firepower Threat Defense (FTD) 7.4.2

Firepower Threat Defense (FTD) 7.4.2.1

Firepower Threat Defense (FTD) 7.4.2.2

Firepower Threat Defense (FTD) 7.4.2.3

Firepower Threat Defense (FTD) 7.4.2.4

Firepower Threat Defense (FTD) 7.6.0

Firepower Threat Defense (FTD) 7.6.1

Firepower Threat Defense (FTD) 7.6.2

Firepower Threat Defense (FTD) 7.6.2.1

Firepower Threat Defense (FTD) 7.7.0

Firepower Threat Defense (FTD) 7.7.10

Firepower Threat Defense (FTD) 7.7.10.1

CVE (情報セキュリティ共通脆弱性識別子)

No	名前	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2026-20100	https://www.cve.org/CVERecord?id=CVE-2026-20100
National Vulnerability Database (NVD)
2	CVE-2026-20100	https://nvd.nist.gov/vuln/detail/CVE-2026-20100

CWE (共通脆弱性タイプ一覧)

No	名前	URL
JVNDB
1	CWE-120	https://cwe.mitre.org/data/definitions/120.html

ベンダー情報

No	名前	URL
Cisco Security Advisory
1	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerabilities	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpn-m9sx6MbC

変更履歴

No	変更内容	変更日
1	[2026年05月07日] 掲載	2026年5月7日11:30