Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities
Summary
Multiple Cisco products are affected by vulnerabilities in the processing of Distributed Computing Environment Remote Procedure Call (DCE/RPC) requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, which would result in an interruption of packet inspection. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are workarounds that address these vulnerabilities.
- Scope: For information about which products were affected by these vulnerabilities at the time of publication, see the following sections. Open Source Snort 3
- Release 3.x (first fixed: 3.9.6.0)
- Release 17.12 (first fixed: 17.12.7 (Mar 2026))
- Release 17.15 (first fixed: 17.15.5)
- Release 17.18 (first fixed: 17.18.3 (Apr 2026))
- Release 26.1 (first fixed: 26.1.1 (Mar 2026))
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
- 3.9.6.0
- 17.12.7 (Mar 2026)
- 17.15.5
- 17.18.3 (Apr 2026)
- 26.1.1 (Mar 2026)
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Mitigation checklist
- Upgrade to the first fixed release for your train per the Fixed Releases table in this advisory.
- Release 3.x: upgrade to 3.9.6.0.
- Release 17.12: upgrade to 17.12.7 (Mar 2026).
- Release 17.15: upgrade to 17.15.5.
- Release 17.18: upgrade to 17.18.3 (Apr 2026).
- Release 26.1: upgrade to 26.1.1 (Mar 2026).
- There are no workarounds that address these vulnerabilities.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.