CVE-2026-20007Improper Access Control in Cisco Secure Firewall Threat Defense Software

CWE-284Improper Access Control4 documents4 sources
Severity
5.8MEDIUMNVD
EPSS
0.0%
top 90.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Secure Firewall Threat Defense Software
Timeline
PublishedMar 4

Description

A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured Snort rules and allow traffic onto the network that should have been dropped. This vulnerability is due to a logic error in the integration of the Snort Engine rules with Cisco Secure FTD Software that could allow different Snort rules to be hit when deep inspection of the packet is performed for the inner a

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

🔴Vulnerability Details

2
CVEList
Cisco Secure Firewall Threat Defense Software Snort Deep Inspection Bypass Vulnerability2026-03-04
GHSA
GHSA-33pq-q8j2-pf3g: A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticate2026-03-04

📋Vendor Advisories

1
Cisco
Cisco Secure Firewall Threat Defense Software Snort Deep Inspection Bypass Vulnerability2026-03-04
CVE-2026-20007 — Improper Access Control in Cisco | cvebase