CVE-2026-20005

CWE-392 CWE-248 CWE-400 — Uncontrolled Resource Consumption CWE-667 CWE-787 — Out-of-bounds Write4 documents4 sources

Severity

5.8MEDIUM

EPSS

0.1%

top 73.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Cisco Cyber Vision Cisco Cisco Secure Firewall Threat Defense (ftd) Software Cisco Cisco UTD Snort IPS Engine Software

Timeline

PublishedMar 4

Description

Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete parsing of the SSL handshake ingress packets. An attacker could exploit this vulnerability by sending crafted SSL handshake packets. A successful exploit could allow the attacker to cause a denial of service (DoS) cond…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

▶CVEListV5cisco/cisco_utd_snort_ips_engine_software62 versions+61

▶CVEListV5cisco/cisco_cyber_vision52 versions+51

▶CVEListV5cisco/cisco_secure_firewall_threat_defense_(ftd)_software7 versions+6

🔴Vulnerability Details

CVEList

CVE-2026-20005: Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause↗2026-03-04

▶

GHSA

GHSA-pcm4-9fqw-4w8h: Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause↗2026-03-04

▶

📋Vendor Advisories

Cisco

Multiple Cisco Products Snort 3 Denial of Service Vulnerabilities↗2026-03-04

▶