Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.8
Cisco Products Can Crash When Processing Malicious Microsoft Files
CVE-2026-20053
Summary
Multiple Cisco products have a vulnerability that can be exploited by an attacker sending a specially crafted Microsoft file. This could cause the product to crash, making it unavailable. Users should update their products to the latest version to fix the issue.
Original title
Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash.
This vulne...
Original description
Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash.
This vulnerability is due to improper range checking when decompressing VBA data, which is user controlled. An attacker could exploit this vulnerability by sending crafted VBA data to the Snort 3 Detection Engine on the targeted device. A successful exploit could allow the attacker to cause an overflow of heap data, which could cause a DoS condition.
This vulnerability is due to improper range checking when decompressing VBA data, which is user controlled. An attacker could exploit this vulnerability by sending crafted VBA data to the Snort 3 Detection Engine on the targeted device. A successful exploit could allow the attacker to cause an overflow of heap data, which could cause a DoS condition.
nvd CVSS3.1
5.8
Vulnerability type
CWE-122
Heap-based Buffer Overflow
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026