CVE-2026-20057

EUVD-2026-9461
Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Basic for Applications (VBA) feature which could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. 
 
This vulnerability is due to lack of proper error checking when decompressing VBA data. An attacker could exploit this vulnerability by sending a crafted VBA data to the Snort 3 Detection Engine on the targeted device. A successful exploit could allow the attacker to cause the Snort 3 Detection Engine to unexpectedly restart causing a a denial of service (DoS) condition.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
ciscoCNA
5.8 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
ciscocyber_vision
3.0.0
CNA
ciscocyber_vision
3.0.2
CNA
ciscocyber_vision
3.0.3
CNA
ciscocyber_vision
3.0.1
CNA
ciscocyber_vision
3.1.0
CNA
ciscocyber_vision
3.0.4
CNA
ciscocyber_vision
3.1.1
CNA
ciscocyber_vision
3.1.2
CNA
ciscocyber_vision
3.2.0
CNA
ciscocyber_vision
3.0.5
CNA
ciscocyber_vision
3.2.1
CNA
ciscocyber_vision
3.0.6
CNA
ciscocyber_vision
3.2.2
CNA
ciscocyber_vision
3.2.3
CNA
ciscocyber_vision
3.2.4
CNA
ciscocyber_vision
4.0.0
CNA
ciscocyber_vision
4.0.1
CNA
ciscocyber_vision
4.0.2
CNA
ciscocyber_vision
4.0.3
CNA
ciscocyber_vision
4.1.0
CNA
ciscocyber_vision
4.1.1
CNA
ciscocyber_vision
4.1.2
CNA
ciscocyber_vision
4.1.3
CNA
ciscocyber_vision
4.1.4
CNA
ciscocyber_vision
4.2.0
CNA
ciscocyber_vision
4.2.1
CNA
ciscocyber_vision
4.1.5
CNA
ciscocyber_vision
4.2.2
CNA
ciscocyber_vision
4.2.3
CNA
ciscocyber_vision
4.2.4
CNA
ciscocyber_vision
4.2.6
CNA
ciscocyber_vision
4.1.6
CNA
ciscocyber_vision
4.3.0
CNA
ciscocyber_vision
4.3.1
CNA
ciscocyber_vision
4.3.2
CNA
ciscocyber_vision
4.3.3
CNA
ciscocyber_vision
4.4.0
CNA
ciscocyber_vision
4.4.1
CNA
ciscocyber_vision
4.4.2
CNA
ciscocyber_vision
4.4.3
CNA
ciscocyber_vision
4.1.7
CNA
ciscocyber_vision
5.0.0
CNA
ciscocyber_vision
5.0.1
CNA
ciscocyber_vision
5.0.2
CNA
ciscocyber_vision
5.1.0
CNA
ciscocyber_vision
5.1.1
CNA
ciscocyber_vision
5.1.2
CNA
ciscocyber_vision
5.1.3
CNA
ciscocyber_vision
5.2.0
CNA
ciscocyber_vision
5.2.1
CNA
ciscocyber_vision
5.3.0
CNA
ciscocyber_vision
5.3.1
CNA
ciscocyber_vision
7.2.0
CNA
ciscocyber_vision
7.2.0.1
CNA
ciscocyber_vision
7.2.1
CNA
ciscocyber_vision
7.3.0
CNA
ciscocyber_vision
7.2.2
CNA
ciscocyber_vision
7.2.3
CNA
ciscocyber_vision
7.3.1
CNA
ciscocyber_vision
7.2.4
CNA
ciscocyber_vision
7.2.5
CNA
ciscocyber_vision
7.2.4.1
CNA
ciscocyber_vision
7.3.1.1
CNA
ciscocyber_vision
7.4.0
CNA
ciscocyber_vision
7.2.5.1
CNA
ciscocyber_vision
7.4.1
CNA
ciscocyber_vision
7.2.6
CNA
ciscocyber_vision
7.4.1.1
CNA
ciscocyber_vision
7.2.7
CNA
ciscocyber_vision
7.2.5.2
CNA
ciscocyber_vision
7.3.1.2
CNA
ciscocyber_vision
7.2.8
CNA
ciscocyber_vision
7.6.0
CNA
ciscocyber_vision
7.4.2
CNA
ciscocyber_vision
7.2.8.1
CNA
ciscocyber_vision
7.4.2.1
CNA
ciscocyber_vision
7.2.9
CNA
ciscocyber_vision
7.7.0
CNA
ciscocyber_vision
7.4.2.2
CNA
ciscocyber_vision
7.2.10
CNA
ciscocyber_vision
7.6.1
CNA
ciscocyber_vision
7.4.2.3
CNA
ciscocyber_vision
7.6.2
CNA
ciscocyber_vision
7.7.10
CNA
ciscocyber_vision
7.6.2.1
CNA
ciscocyber_vision
7.7.10.1
CNA
ciscocyber_vision
7.4.2.4
CNA
ciscocyber_vision
7.2.10.2
CNA
ciscocyber_vision
7.4.3
CNA
ciscocyber_vision
17.12.1a
CNA
ciscocyber_vision
17.12.2
CNA
ciscocyber_vision
17.13.1a
CNA
ciscocyber_vision
17.12.3
CNA
ciscocyber_vision
17.14.1a
CNA
ciscocyber_vision
17.12.4
CNA
ciscocyber_vision
17.12.3a
CNA
ciscocyber_vision
17.15.1a
CNA
ciscocyber_vision
17.16.1a
CNA
ciscocyber_vision
17.12.4a
CNA
ciscocyber_vision
17.15.2c
CNA
ciscocyber_vision
17.12.4b
CNA
ciscocyber_vision
17.15.2a
CNA
ciscocyber_vision
17.12.5
CNA
ciscocyber_vision
17.17.1
CNA
ciscocyber_vision
17.12.5a
CNA
ciscocyber_vision
17.15.3a
CNA
ciscocyber_vision
17.15.3
CNA
ciscocyber_vision
17.12.5b
CNA
ciscocyber_vision
17.12.5c
CNA
ciscocyber_vision
17.15.4
CNA
ciscocyber_vision
17.18.1
CNA
ciscocyber_vision
17.18.1a
CNA
ciscocyber_vision
17.12.6
CNA
ciscocyber_vision
17.15.4c
CNA
ciscocyber_vision
17.12.5d
CNA
ciscocyber_vision
17.18.2
CNA
Common Weakness Enumeration
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-vbavuls-96UcVVed