CVE-2026-20067 — Out-of-bounds Write in Cisco Cyber Vision

CWE-787 — Out-of-bounds Write CWE-248 — Uncaught Exception CWE-392 — Missing Report of Error Condition CWE-400 — Uncontrolled Resource Consumption CWE-667 — Improper Locking4 documents4 sources

Severity

5.8MEDIUMNVD

EPSS

0.1%

top 64.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Cyber Vision Cisco Secure Firewall Threat Defense Software Cisco UTD Snort IPS Engine Software

Timeline

PublishedMar 4

Description

Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete error checking when parsing the Multicast DNS fields of the HTTP header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an established connection to be parsed by Snort 3. A succes…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

▶CVEListV5cisco/cisco_utd_snort_ips_engine_software71 versions+70

▶CVEListV5cisco/cisco_cyber_vision54 versions+53

▶CVEListV5cisco/cisco_secure_firewall_threat_defense_software57 versions+56

🔴Vulnerability Details

GHSA

GHSA-mw99-v56m-j965: Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause↗2026-03-04

▶

CVEList

Multiple Cisco Products Snort 3 TBD Denial of Service Vulnerability↗2026-03-04

▶

📋Vendor Advisories

Cisco

Multiple Cisco Products Snort 3 Denial of Service Vulnerabilities↗2026-03-04

▶