CVE-2026-20068

CWE-248 CWE-392 CWE-400 — Uncontrolled Resource Consumption CWE-667 CWE-787 — Out-of-bounds Write4 documents4 sources

Severity

5.8MEDIUM

EPSS

0.1%

top 70.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Cisco Cyber Vision Cisco Cisco Secure Firewall Threat Defense (ftd) Software Cisco Cisco UTD Snort IPS Engine Software

Timeline

PublishedMar 4

Description

Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete error checking when parsing remote procedure call (RPC) data. An attacker could exploit this vulnerability by sending crafted RPC packets through an established connection to be parsed by Snort 3. A successful exploit…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

▶CVEListV5cisco/cisco_utd_snort_ips_engine_software71 versions+70

▶CVEListV5cisco/cisco_cyber_vision54 versions+53

▶CVEListV5cisco/cisco_secure_firewall_threat_defense_(ftd)_software28 versions+27

🔴Vulnerability Details

GHSA

GHSA-6m9q-hwqp-8rv6: Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause↗2026-03-04

▶

CVEList

Multiple Cisco Products Snort 3 TBD Denial of Service Vulnerability↗2026-03-04

▶

📋Vendor Advisories

Cisco

Multiple Cisco Products Snort 3 Denial of Service Vulnerabilities↗2026-03-04

▶