Multiple Cisco Products Snort 3 Denial of Service Vulnerabilities
Summary
Multiple Cisco products are affected by vulnerabilities in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is part of the March 2026 release of the Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Adv…
- Scope: For information about which products were affected by these vulnerabilities at the time of publication, see the following sections. Open Source Snort 3
- Release 3.x (first fixed: 3.9.2.0 and later / 3.6.3.0 and later / 3.9.7.0 and later / 3.9.5.0 and later)
- Release 17.12 (first fixed: 17.12.7 (Mar 2026))
- Release 17.15 (first fixed: 17.15.5)
- Release 17.18 (first fixed: 17.18.3 (Apr 2026))
- Release 26.1 (first fixed: 26.1.1 (Mar 2026))
- Earlier than 5.3 — Migrate to a fixed release
- Release 5.3 (first fixed: 5.3.3)
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
- 3.9.2.0 and later / 3.6.3.0 and later / 3.9.7.0 and later / 3.9.5.0 and later
- 17.12.7 (Mar 2026)
- 17.15.5
- 17.18.3 (Apr 2026)
- 26.1.1 (Mar 2026)
- 5.3.3
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Mitigation checklist
- Upgrade to the first fixed release for your train per the Fixed Releases table in this advisory.
- Release 3.x: upgrade to 3.9.2.0 and later / 3.6.3.0 and later / 3.9.7.0 and later / 3.9.5.0 and later.
- Release 17.12: upgrade to 17.12.7 (Mar 2026).
- Release 17.15: upgrade to 17.15.5.
- Release 17.18: upgrade to 17.18.3 (Apr 2026).
- Release 26.1: upgrade to 26.1.1 (Mar 2026).
- Earlier than 5.3: migrate to a fixed release.
- Release 5.3: upgrade to 5.3.3.
- There are no workarounds that address these vulnerabilities.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.