CVE-2026-20027

CWE-200 — Information Exposure CWE-4154 documents4 sources

Severity

5.3MEDIUM

EPSS

0.0%

top 86.70%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Cisco Secure Firewall Threat Defense (ftd) Software Cisco Cisco UTD Snort IPS Engine Software

Timeline

PublishedJan 7

Description

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in buffer handling logic when processing DCE/RPC requests, which can result in a buffer out-of-bounds read. An attacker could exploit this vulnerability by sending a large number o…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5cisco/cisco_utd_snort_ips_engine_software103 versions+102

▶CVEListV5cisco/cisco_secure_firewall_threat_defense_(ftd)_software57 versions+56

🔴Vulnerability Details

CVEList

Cisco Snort DCERPC Stub Data Out of Bounds Read↗2026-01-07

▶

GHSA

GHSA-8852-3pqj-jhpv: Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to↗2026-01-07

▶

📋Vendor Advisories

Cisco

Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities↗2026-01-07

▶