SB2026030501 - Multiple DoS vulnerabilities in Cisco Secure Firewall Management Center and Cisco FTD

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2026030501

SB2026030501 - Multiple DoS vulnerabilities in Cisco Secure Firewall Management Center and Cisco FTD

Published: March 5, 2026

Security Bulletin ID SB2026030501
Severity
Medium
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Improper error handling (CVE-ID: CVE-2026-20068)

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to improper error handling when parsing remote procedure call (RPC) data. A remote attacker can send specially crafted RPC packets through an established connection to be parsed by Snort 3 and perform a denial of service attack.


2) Improper error handling (CVE-ID: CVE-2026-20067)

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to improper error handling when parsing the Multicast DNS fields of the HTTP header. A remote attacker can send specially crafted HTTP packets through an established connection to be parsed by Snort 3 and perform a denial of service attack.


3) Input validation error (CVE-ID: CVE-2026-20066)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an error in the JSTokenizer normalization logic when the HTTP inspection normalizes JavaScript. A remote attacker can send specially crafted HTTP packets through an established connection that is parsed by Snort 3 and perform a denial of service attack.


4) Input validation error (CVE-ID: CVE-2026-20005)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient parsing of the SSL handshake ingress packets by the Snort 3 Detection Engine. A remote attacker can send specially crafted SSL handshake packets to the system and perform a denial of service (DoS) attack.


Remediation

Install update from vendor's website.

References