What is CVE-2026-20027?

CVE-2026-20027 is a medium-severity vulnerability in Cisco Secure Firewall Threat Defense (Ftd) Software, classified under Information Disclosure. CVSS score: 5.3/10. Published 2026-01-07.

How severe is CVE-2026-20027?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Information disclosure in Cisco Secure Firewall Threat Defense (Ftd) Software

CVE-2026-20027

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting…

Vulnerability class: Information Disclosure

EPSS: 0.000 (15.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

Cisco Secure Firewall Threat Defense (Ftd) Software — versions 7.0.0, 7.0.0.1, 7.0.1
Cisco Utd Snort Ips Engine Software — versions 3.17.1S, 16.12.3, Fuji-16.9.5

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

cisco-sa-snort3-dcerpc-vulns-J9HNF4tH

Frequently asked questions

What is CVE-2026-20027?: CVE-2026-20027 is a medium-severity vulnerability in Cisco Secure Firewall Threat Defense (Ftd) Software, classified under Information Disclosure. CVSS score: 5.3/10. Published 2026-01-07.
How severe is CVE-2026-20027?: Medium severity. CVSS v3 base score is 5.3 out of 10.