Home

Description

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in buffer handling logic when processing DCE/RPC requests, which can result in a buffer out-of-bounds read. An attacker could exploit this vulnerability by sending a large number of DCE/RPC requests through an established connection that is inspected by Snort 3. A successful exploit could allow the attacker to obtain sensitive information in the Snort 3 data stream.

PUBLISHED Reserved 2025-10-08 | Published 2026-01-07 | Updated 2026-02-12 | Assigner cisco




MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Problem types

Exposure of Sensitive Information to an Unauthorized Actor

Product status

Default status
unknown

7.0.0
affected

7.0.0.1
affected

7.0.1
affected

7.1.0
affected

7.0.1.1
affected

7.1.0.1
affected

7.0.2
affected

7.2.0
affected

7.0.2.1
affected

7.0.3
affected

7.1.0.2
affected

7.2.0.1
affected

7.0.4
affected

7.2.1
affected

7.0.5
affected

7.3.0
affected

7.2.2
affected

7.2.3
affected

7.3.1
affected

7.1.0.3
affected

7.2.4
affected

7.0.6
affected

7.2.5
affected

7.2.4.1
affected

7.3.1.1
affected

7.4.0
affected

7.0.6.1
affected

7.2.5.1
affected

7.4.1
affected

7.2.6
affected

7.0.6.2
affected

7.4.1.1
affected

7.2.7
affected

7.2.5.2
affected

7.3.1.2
affected

7.2.8
affected

7.6.0
affected

7.4.2
affected

7.2.8.1
affected

7.0.6.3
affected

7.4.2.1
affected

7.2.9
affected

7.0.7
affected

7.7.0
affected

7.4.2.2
affected

7.2.10
affected

7.6.1
affected

7.4.2.3
affected

7.0.8
affected

7.6.2
affected

7.7.10
affected

7.0.8.1
affected

7.6.2.1
affected

7.7.10.1
affected

7.4.2.4
affected

7.2.10.2
affected

7.4.3
affected

Default status
unknown

3.17.1S
affected

16.12.3
affected

Fuji-16.9.5
affected

16.12.4
affected

17.3.1a
affected

16.6.6
affected

16.12.2
affected

Fuji-16.9.6
affected

3.17.0S
affected

Fuji-16.9.3
affected

Denali-16.3.7
affected

Fuji-16.9.2
affected

Fuji-16.9.4
affected

Everest-16.6.4
affected

Everest-16.6.3
affected

16.6.5
affected

Denali-16.3.5
affected

17.2.1r
affected

17.1.1
affected

Everest-16.6.2
affected

16.6.7a
affected

Denali-16.3.4
affected

16.6.1
affected

Denali-16.3.9
affected

Denali-16.3.3
affected

16.12.1a
affected

17.3.2
affected

17.4.1a
affected

16.12.5
affected

17.5.1
affected

Fuji-16.9.7
affected

16.6.9
affected

17.3.3
affected

17.5.1a
affected

17.3.4
affected

17.3.4a
affected

17.4.2
affected

17.4.1b
affected

17.6.1a
affected

16.6.10
affected

17.7.1a
affected

16.12.6
affected

Fuji-16.9.8
affected

17.6.2
affected

17.8.1a
affected

16.12.7
affected

17.3.5
affected

17.6.3
affected

17.6.3a
affected

17.7.2
affected

17.9.1a
affected

17.6.4
affected

17.10.1a
affected

17.3.6
affected

16.12.8
affected

17.3.7
affected

17.9.2a
affected

17.6.5
affected

17.11.1a
affected

17.9.3a
affected

17.12.1a
affected

17.9.4
affected

17.6.6
affected

17.3.8
affected

17.3.8a
affected

17.6.6a
affected

17.9.4a
affected

17.12.2
affected

17.13.1a
affected

17.9.5a
affected

17.12.3
affected

17.6.7
affected

17.14.1a
affected

17.12.4
affected

17.12.3a
affected

17.15.1a
affected

17.6.8
affected

17.9.6
affected

17.6.8a
affected

17.16.1a
affected

17.9.5e
affected

17.12.4a
affected

17.15.2c
affected

17.9.5f
affected

17.12.4b
affected

17.15.2a
affected

17.12.5
affected

17.17.1
affected

17.12.5a
affected

17.9.7a
affected

17.15.3a
affected

17.15.3
affected

17.12.5b
affected

17.12.5c
affected

17.15.4
affected

17.9.7b
affected

17.18.1
affected

17.18.1a
affected

17.12.6
affected

17.9.8
affected

17.15.4c
affected

17.12.5d
affected

17.18.2
affected

References

sec.cloudapps.cisco.com/...o-sa-snort3-dcerpc-vulns-J9HNF4tH (cisco-sa-snort3-dcerpc-vulns-J9HNF4tH)

cve.org (CVE-2026-20027)

nvd.nist.gov (CVE-2026-20027)

Download JSON