CVE-2026-20006

Name of the Vulnerable Software and Affected Versions Cisco Secure Firewall Threat Defense (FTD) Software (affected versions not specified)

Description A flaw exists in the TLS cryptography functionality within the Snort 3 Detection Engine. This issue could allow a remote attacker to trigger an unexpected restart of the Snort 3 Detection Engine, leading to a denial of service (DoS) condition. The root cause is an improper implementation of the TLS protocol. An attacker can exploit this by sending a specially crafted TLS packet to a vulnerable system. TLS 1.3 is not affected.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.