
Vulnerability in Cisco Secure Firewall Snort 3 Detection Engine Allows for Denial of Service (DoS) Attacks

Cisco has disclosed a high-severity vulnerability, tracked as CVE-2025-20217, in its Secure Firewall Threat Defense (FTD) Software. The flaw allows unauthenticated remote attackers to trigger denial-of-service conditions through the Snort 3 Detection Engine, which is responsible for analysing and filtering network traffic for threats. The advisory was published on August 14, 2025, as part of Cisco’s semiannual security advisory bundle, and the vulnerability has a CVSS score of 8.6. The issue arises from incorrect processing of traffic during packet inspection and affects devices running vulnerable versions of Cisco Secure FTD Software with Snort 3 enabled. Attackers can exploit this vulnerability by sending specially crafted traffic, which causes the affected device to enter an infinite loop during traffic inspection and results in a denial-of-service condition.

When successfully exploited, the vulnerability traps the Snort process in an infinite loop, halting all traffic inspection until the system watchdog detects the issue and restarts the Snort process. This creates a temporary but critical security gap, allowing malicious traffic to pass through undetected. The attack requires no authentication and can be executed remotely, making it particularly dangerous for internet-facing Cisco FTD devices. Cisco has confirmed that several products, including Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Management Center (FMC) Software, are not affected by this vulnerability. As no workarounds are available, organisations must apply the software updates released by Cisco to mitigate the risk associated with this vulnerability. 

Categories: Cybersecurity Vulnerability, Denial-of-Service Attack, Network Traffic Inspection 

Tags: CVE-2025-20217, Denial-of-Service, Cisco, Secure Firewall, Snort 3, Vulnerability, Packet Inspection, Remote Attackers, Infinite Loop, Security Advisory 
