CVE-2026-20026

CWE-415CWE-200Information Exposure4 documents4 sources
Severity
5.8MEDIUM
EPSS
0.1%
top 65.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Cisco Secure Firewall Threat Defense (ftd) SoftwareCisco Cisco UTD Snort IPS Engine Software
Timeline
PublishedJan 7

Description

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in buffer handling logic when processing DCE/RPC requests, which can result in a buffer use-after-free read. An attacker could exploit this vulnerability by sending a large number

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

CVEListV5cisco/cisco_utd_snort_ips_engine_software103 versions+102

🔴Vulnerability Details

2
CVEList
Multiple Cisco Products Snort 3 DCERPC Vulnerabilities2026-01-07
GHSA
GHSA-xc37-chcm-mxpf: Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to2026-01-07

📋Vendor Advisories

1
Cisco
Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities2026-01-07
CVE-2026-20026 (MEDIUM CVSS 5.8) | Multiple Cisco products are affecte | cvebase.io