CVE-2025-20359
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-15

Last updated on: 2025-10-16

Assigner: Cisco Systems, Inc.

Description
Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the disclosure of possible sensitive data or cause the Snort 3 Detection Engine to crash. This vulnerability is due to an error in the logic of buffer handling when the MIME fields of the HTTP header are parsed. This can result in a buffer under-read. An attacker could exploit this vulnerability by sending crafted HTTP packets through an established connection that is parsed by Snort 3. A successful exploit could allow the attacker to induce one of two possible outcomes: the unexpected restarting of the Snort 3 Detection Engine, which could cause a denial of service (DoS) condition, or information disclosure of sensitive information in the Snort 3 data stream. Due to the under-read condition, it is possible that sensitive information that is not valid connection data could be returned.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-15
Last Modified
2025-10-16
Generated
2026-06-16
AI Q&A
2025-10-15
EPSS Evaluated
2026-06-15
NVD
CVE-2025-20359
EUVD
EUVD-2025-34665
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
cisco snort 3.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-127 The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations prior to the targeted buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Snort 3 HTTP Decoder used by multiple Cisco products. It is caused by an error in buffer handling logic when parsing MIME fields in HTTP headers, leading to a buffer under-read. An unauthenticated remote attacker can exploit this by sending specially crafted HTTP packets, potentially causing the Snort 3 Detection Engine to crash or disclose sensitive information from the Snort 3 data stream.

Impact Analysis

Exploitation of this vulnerability can lead to two main impacts: a denial of service (DoS) condition by causing the Snort 3 Detection Engine to unexpectedly restart, disrupting network security monitoring; or disclosure of sensitive information from the Snort 3 data stream, which could expose data that is not valid connection data.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-20359. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart