CVE-2026-20054

CWE-835 CWE-122 — Heap-based Buffer Overflow CWE-369 CWE-7864 documents4 sources

Severity

5.8MEDIUM

EPSS

0.1%

top 66.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Cisco Cyber Vision Cisco Cisco Secure Firewall Threat Defense (ftd) Software Cisco Cisco UTD Snort IPS Engine Software

Timeline

PublishedMar 4

Description

Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to improper error checking when decompressing VBA data. An attacker could exploit this vulnerability by sending crafted VBA data to the Snort 3 Detection Engine on the targeted device. A successful exploit could allow the attacker to cause the Snort 3 Detection Engine to enter an infinite…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

▶CVEListV5cisco/cisco_utd_snort_ips_engine_software103 versions+102

▶CVEListV5cisco/cisco_cyber_vision54 versions+53

▶CVEListV5cisco/cisco_secure_firewall_threat_defense_(ftd)_software37 versions+36

🔴Vulnerability Details

GHSA

GHSA-ppp5-3mr9-mww7: Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the S↗2026-03-04

▶

CVEList

Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Infinite Loop Denial of Service Vulnerability↗2026-03-04

▶

📋Vendor Advisories

Cisco

Multiple Cisco Products Snort 3 Visual Basic for Applications Denial of Service Vulnerabilities↗2026-03-04

▶