CVE-2026-20058

Summary

Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash.

These vulnerabilities are due to improper error checking when decompressing VBA data. An attacker could exploit these vulnerabilities by sending crafted VBA data to the Snort 3 Detection Engine on the targeted device. A successful exploit could allow the attacker to cause the Snort 3 Detection Engine to unexpectedly restart, causing a DoS condition.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.2.0affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.2.0.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.2.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.3.0affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.2.2affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.2.3affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.3.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.2.4affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.2.5affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.2.4.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.3.1.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.4.0affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.2.5.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.4.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.2.6affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.4.1.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.2.7affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.2.5.2affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.3.1.2affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.2.8affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.6.0affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.4.2affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.2.8.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.4.2.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.2.9affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.7.0affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.4.2.2affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.2.10affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.6.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.4.2.3affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.6.2affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.7.10affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.6.2.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.7.10.1affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.4.2.4affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.2.10.2affected
CiscoCisco Secure Firewall Threat Defense (FTD) Software7.4.3affected
CiscoCisco UTD SNORT IPS Engine Software17.9.3aaffected
CiscoCisco UTD SNORT IPS Engine Software17.12.1aaffected
CiscoCisco UTD SNORT IPS Engine Software17.12.2affected
CiscoCisco UTD SNORT IPS Engine Software17.13.1aaffected
CiscoCisco UTD SNORT IPS Engine Software17.9.5aaffected
CiscoCisco UTD SNORT IPS Engine Software17.12.3affected
CiscoCisco UTD SNORT IPS Engine Software17.14.1aaffected
CiscoCisco UTD SNORT IPS Engine Software17.12.4affected
CiscoCisco UTD SNORT IPS Engine Software17.12.3aaffected
CiscoCisco UTD SNORT IPS Engine Software17.15.1aaffected
CiscoCisco UTD SNORT IPS Engine Software17.9.6affected
CiscoCisco UTD SNORT IPS Engine Software17.16.1aaffected
CiscoCisco UTD SNORT IPS Engine Software17.12.4aaffected
CiscoCisco UTD SNORT IPS Engine Software17.15.2caffected
CiscoCisco UTD SNORT IPS Engine Software17.12.4baffected
CiscoCisco UTD SNORT IPS Engine Software17.15.2aaffected
CiscoCisco UTD SNORT IPS Engine Software17.12.5affected
CiscoCisco UTD SNORT IPS Engine Software17.17.1affected
CiscoCisco UTD SNORT IPS Engine Software17.12.5aaffected
CiscoCisco UTD SNORT IPS Engine Software17.15.3aaffected
CiscoCisco UTD SNORT IPS Engine Software17.15.3affected
CiscoCisco UTD SNORT IPS Engine Software17.12.5baffected
CiscoCisco UTD SNORT IPS Engine Software17.12.5caffected
CiscoCisco UTD SNORT IPS Engine Software17.15.4affected
CiscoCisco UTD SNORT IPS Engine Software17.18.1affected
CiscoCisco UTD SNORT IPS Engine Software17.18.1aaffected
CiscoCisco UTD SNORT IPS Engine Software17.12.6affected
CiscoCisco UTD SNORT IPS Engine Software17.15.4caffected
CiscoCisco UTD SNORT IPS Engine Software17.12.5daffected
CiscoCisco UTD SNORT IPS Engine Software17.18.2affected

Weaknesses

  • CWE-786: Access of Memory Location Before Start of Buffer

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References