CVE-2026-20056

Summary

A vulnerability in the Dynamic Vectoring and Streaming (DVS) Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded.

This vulnerability is due to improper handling of certain archive files. An attacker could exploit this vulnerability by sending a crafted archive file, which should be blocked, through an affected device. A successful exploit could allow the attacker to bypass the anti-malware scanner and download malware onto an end user workstation. The downloaded malware will not automatically execute unless the end user extracts and launches the malicious file. 

Affected Software

VendorProductVersion RangeStatus
CiscoCisco Secure Web Appliance11.8.0-453affected
CiscoCisco Secure Web Appliance12.5.3-002affected
CiscoCisco Secure Web Appliance12.0.3-007affected
CiscoCisco Secure Web Appliance12.0.3-005affected
CiscoCisco Secure Web Appliance14.1.0-032affected
CiscoCisco Secure Web Appliance14.1.0-047affected
CiscoCisco Secure Web Appliance14.1.0-041affected
CiscoCisco Secure Web Appliance12.0.4-002affected
CiscoCisco Secure Web Appliance14.0.2-012affected
CiscoCisco Secure Web Appliance11.8.0-414affected
CiscoCisco Secure Web Appliance12.0.1-268affected
CiscoCisco Secure Web Appliance11.8.1-023affected
CiscoCisco Secure Web Appliance11.8.3-021affected
CiscoCisco Secure Web Appliance11.8.3-018affected
CiscoCisco Secure Web Appliance12.5.1-011affected
CiscoCisco Secure Web Appliance11.8.4-004affected
CiscoCisco Secure Web Appliance12.5.2-007affected
CiscoCisco Secure Web Appliance12.5.2-011affected
CiscoCisco Secure Web Appliance14.5.0-498affected
CiscoCisco Secure Web Appliance12.5.4-005affected
CiscoCisco Secure Web Appliance12.5.4-011affected
CiscoCisco Secure Web Appliance12.0.5-011affected
CiscoCisco Secure Web Appliance14.0.3-014affected
CiscoCisco Secure Web Appliance12.5.5-004affected
CiscoCisco Secure Web Appliance12.5.5-005affected
CiscoCisco Secure Web Appliance12.5.5-008affected
CiscoCisco Secure Web Appliance14.0.4-005affected
CiscoCisco Secure Web Appliance14.5.1-008affected
CiscoCisco Secure Web Appliance14.5.1-016affected
CiscoCisco Secure Web Appliance15.0.0-355affected
CiscoCisco Secure Web Appliance15.0.0-322affected
CiscoCisco Secure Web Appliance12.5.6-008affected
CiscoCisco Secure Web Appliance15.1.0-287affected
CiscoCisco Secure Web Appliance14.5.2-011affected
CiscoCisco Secure Web Appliance15.2.0-116affected
CiscoCisco Secure Web Appliance14.0.5-007affected
CiscoCisco Secure Web Appliance15.2.0-164affected
CiscoCisco Secure Web Appliance14.5.1-510affected
CiscoCisco Secure Web Appliance12.0.2-012affected
CiscoCisco Secure Web Appliance12.0.2-004affected
CiscoCisco Secure Web Appliance14.5.1-607affected
CiscoCisco Secure Web Appliance14.5.3-033affected
CiscoCisco Secure Web Appliance15.0.1-004affected
CiscoCisco Secure Web Appliance15.2.1-011affected
CiscoCisco Secure Web Appliance14.5.0-673affected
CiscoCisco Secure Web Appliance14.5.0-537affected
CiscoCisco Secure Web Appliance12.0.1-334affected
CiscoCisco Secure Web Appliance14.0.1-503affected
CiscoCisco Secure Web Appliance14.0.1-053affected
CiscoCisco Secure Web Appliance11.8.0-429affected
CiscoCisco Secure Web Appliance14.0.1-040affected
CiscoCisco Secure Web Appliance14.0.1-014affected
CiscoCisco Secure Web Appliance12.5.1-043affected
CiscoCisco Secure Web Appliance15.2.2-009affected
CiscoCisco Secure Web Appliance15.5.0-566affected
CiscoCisco Secure Web Appliance15.2.3-007affected
CiscoCisco Secure Web Appliance15.5.0-574affected
CiscoCisco Secure Web Appliance15.5.0-710affected
CiscoCisco Secure Web Appliance15.2.4-022affected
CiscoCisco Secure Web Appliance15.5.1-002affected

Weaknesses

  • CWE-494: Download of Code Without Integrity Check

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References