CVE-2026-20026
Use-After-Free in Cisco Snort 3 Causes DoS via DCE/RPC
Publication date: 2026-01-07
Last updated on: 2026-01-07
Assigner: Cisco Systems, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | snort_3 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-415 | The product calls free() twice on the same memory address. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in multiple Cisco products due to an error in buffer handling logic when processing DCE/RPC requests in the Snort 3 Detection Engine. It can be exploited by an unauthenticated, remote attacker who sends a large number of DCE/RPC requests through an established connection inspected by Snort 3. This can cause a buffer use-after-free read, leading to sensitive information leakage or an unexpected restart of the Snort 3 Detection Engine.
How can this vulnerability impact me? :
Exploitation of this vulnerability can cause the Snort 3 Detection Engine to leak sensitive information or restart unexpectedly. The restart results in an interruption of packet inspection, causing a denial of service (DoS) condition. This could impact network security monitoring and potentially expose sensitive data.