CVE-2026-20056
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
Summary
A vulnerability in the Dynamic Vectoring and Streaming (DVS) Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded.
This vulnerability is due to improper handling of certain archive files. An attacker could exploit this vulnerability by sending a crafted archive file, which should be blocked, through an affected device. A successful exploit could allow the attacker to bypass the anti-malware scanner and download malware onto an end user workstation. The downloaded malware will not automatically execute unless the end user extracts and launches the malicious file.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Cisco | Cisco Secure Web Appliance | 11.8.0-453 | affected |
| Cisco | Cisco Secure Web Appliance | 12.5.3-002 | affected |
| Cisco | Cisco Secure Web Appliance | 12.0.3-007 | affected |
| Cisco | Cisco Secure Web Appliance | 12.0.3-005 | affected |
| Cisco | Cisco Secure Web Appliance | 14.1.0-032 | affected |
| Cisco | Cisco Secure Web Appliance | 14.1.0-047 | affected |
| Cisco | Cisco Secure Web Appliance | 14.1.0-041 | affected |
| Cisco | Cisco Secure Web Appliance | 12.0.4-002 | affected |
| Cisco | Cisco Secure Web Appliance | 14.0.2-012 | affected |
| Cisco | Cisco Secure Web Appliance | 11.8.0-414 | affected |
| Cisco | Cisco Secure Web Appliance | 12.0.1-268 | affected |
| Cisco | Cisco Secure Web Appliance | 11.8.1-023 | affected |
| Cisco | Cisco Secure Web Appliance | 11.8.3-021 | affected |
| Cisco | Cisco Secure Web Appliance | 11.8.3-018 | affected |
| Cisco | Cisco Secure Web Appliance | 12.5.1-011 | affected |
| Cisco | Cisco Secure Web Appliance | 11.8.4-004 | affected |
| Cisco | Cisco Secure Web Appliance | 12.5.2-007 | affected |
| Cisco | Cisco Secure Web Appliance | 12.5.2-011 | affected |
| Cisco | Cisco Secure Web Appliance | 14.5.0-498 | affected |
| Cisco | Cisco Secure Web Appliance | 12.5.4-005 | affected |
| Cisco | Cisco Secure Web Appliance | 12.5.4-011 | affected |
| Cisco | Cisco Secure Web Appliance | 12.0.5-011 | affected |
| Cisco | Cisco Secure Web Appliance | 14.0.3-014 | affected |
| Cisco | Cisco Secure Web Appliance | 12.5.5-004 | affected |
| Cisco | Cisco Secure Web Appliance | 12.5.5-005 | affected |
| Cisco | Cisco Secure Web Appliance | 12.5.5-008 | affected |
| Cisco | Cisco Secure Web Appliance | 14.0.4-005 | affected |
| Cisco | Cisco Secure Web Appliance | 14.5.1-008 | affected |
| Cisco | Cisco Secure Web Appliance | 14.5.1-016 | affected |
| Cisco | Cisco Secure Web Appliance | 15.0.0-355 | affected |
| Cisco | Cisco Secure Web Appliance | 15.0.0-322 | affected |
| Cisco | Cisco Secure Web Appliance | 12.5.6-008 | affected |
| Cisco | Cisco Secure Web Appliance | 15.1.0-287 | affected |
| Cisco | Cisco Secure Web Appliance | 14.5.2-011 | affected |
| Cisco | Cisco Secure Web Appliance | 15.2.0-116 | affected |
| Cisco | Cisco Secure Web Appliance | 14.0.5-007 | affected |
| Cisco | Cisco Secure Web Appliance | 15.2.0-164 | affected |
| Cisco | Cisco Secure Web Appliance | 14.5.1-510 | affected |
| Cisco | Cisco Secure Web Appliance | 12.0.2-012 | affected |
| Cisco | Cisco Secure Web Appliance | 12.0.2-004 | affected |
| Cisco | Cisco Secure Web Appliance | 14.5.1-607 | affected |
| Cisco | Cisco Secure Web Appliance | 14.5.3-033 | affected |
| Cisco | Cisco Secure Web Appliance | 15.0.1-004 | affected |
| Cisco | Cisco Secure Web Appliance | 15.2.1-011 | affected |
| Cisco | Cisco Secure Web Appliance | 14.5.0-673 | affected |
| Cisco | Cisco Secure Web Appliance | 14.5.0-537 | affected |
| Cisco | Cisco Secure Web Appliance | 12.0.1-334 | affected |
| Cisco | Cisco Secure Web Appliance | 14.0.1-503 | affected |
| Cisco | Cisco Secure Web Appliance | 14.0.1-053 | affected |
| Cisco | Cisco Secure Web Appliance | 11.8.0-429 | affected |
| Cisco | Cisco Secure Web Appliance | 14.0.1-040 | affected |
| Cisco | Cisco Secure Web Appliance | 14.0.1-014 | affected |
| Cisco | Cisco Secure Web Appliance | 12.5.1-043 | affected |
| Cisco | Cisco Secure Web Appliance | 15.2.2-009 | affected |
| Cisco | Cisco Secure Web Appliance | 15.5.0-566 | affected |
| Cisco | Cisco Secure Web Appliance | 15.2.3-007 | affected |
| Cisco | Cisco Secure Web Appliance | 15.5.0-574 | affected |
| Cisco | Cisco Secure Web Appliance | 15.5.0-710 | affected |
| Cisco | Cisco Secure Web Appliance | 15.2.4-022 | affected |
| Cisco | Cisco Secure Web Appliance | 15.5.1-002 | affected |
Weaknesses
- CWE-494: Download of Code Without Integrity Check
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.