5.8
Cisco Secure Firewall FTD Software can crash due to malicious SSL packets
CVE-2026-20052
Summary
An attacker can send specially crafted SSL packets to a Cisco Secure Firewall, causing it to crash and become unavailable. This could happen without warning, and it's a problem because it would leave the network unprotected. To protect your network, apply the latest updates to your Cisco Secure Firewall software.
Original title
A vulnerability in the memory management handling for the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause th...
Original description
A vulnerability in the memory management handling for the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart.
This vulnerability is due to a logic error in memory management when a device is performing Snort 3 SSL packet inspection. An attacker could exploit this vulnerability by sending crafted SSL packets through an established connection to be parsed by the Snort 3 Detection Engine. A successful exploit could allow the attacker to cause a denial of service (DoS) condition when the Snort 3 Detection Engine unexpectedly restarts.
nvd CVSS3.1
5.8
Vulnerability type
CWE-788
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026