The vulnerability, designated CVE-2025-20217 and tracked as advisory cisco-sa-ftd-dos-SvKhtjgt, affects the Snort 3 Detection Engine component of Cisco’s Secure Firewall Threat Defense (FTD) Software.
With a CVSS base score of 8.6, the flaw is classified as high severity and was first published on August 14, 2025.
The security issue stems from the incorrect processing of network traffic during packet inspection.
An unauthenticated, remote attacker can exploit this vulnerability by sending specially crafted traffic through affected devices, potentially causing the system to enter an infinite loop during traffic inspection.
This results in a denial of service condition that can disrupt critical network security functions.
The vulnerability specifically affects Cisco devices running vulnerable releases of Cisco Secure FTD Software that have intrusion policies enabled with the Snort 3 engine active.
When successfully exploited, the attack causes the affected device to become unresponsive during traffic inspection, though Cisco notes that the system watchdog will automatically restart the Snort process.
Organizations can determine if their systems are vulnerable by checking whether Snort 3 is actively running on their Cisco Secure FTD Software installations.
Only devices with Snort 3 enabled are susceptible to this particular attack vector.
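As an added example (not code from the advisory or this article), the following Python helper sorts a fleet's captured CLI output into in-scope, out-of-scope and unknown buckets. It assumes the FTD CLI command is `show snort3 status` and that its output contains "Currently running Snort 3" or "Currently running Snort 2"; the device names and outputs are constructed.

```python
import re
from typing import Dict

# Assumed output patterns of the FTD `show snort3 status` command
# (assumption; the article itself does not quote the command or its output).
_SNORT3_RE = re.compile(r"Currently running Snort 3", re.IGNORECASE)
_SNORT2_RE = re.compile(r"Currently running Snort 2", re.IGNORECASE)


def classify_snort_status(cli_output: str) -> str:
    """Classify one device from its captured `show snort3 status` output.

    'in-scope'     - Snort 3 is the active engine (still needs a vulnerable
                     release and an enabled intrusion policy to be exposed).
    'out-of-scope' - Snort 2 is active, so this advisory does not apply.
    'unknown'      - output not recognised; verify manually rather than
                     silently treating the device as safe.
    """
    if _SNORT3_RE.search(cli_output):
        return "in-scope"
    if _SNORT2_RE.search(cli_output):
        return "out-of-scope"
    return "unknown"


def triage_fleet(outputs: Dict[str, str]) -> Dict[str, str]:
    """Map hostname -> verdict for a dict of captured CLI outputs."""
    return {host: classify_snort_status(out) for host, out in outputs.items()}


# Constructed sample captures (hypothetical hostnames, not real device output).
SAMPLE_OUTPUTS = {
    "ftd-edge-01": "Currently running Snort 3\n",
    "ftd-dc-02": "Currently running Snort 2\n",
    "ftd-lab-03": "% Invalid input detected\n",  # e.g. wrong CLI mode or release
}

if __name__ == "__main__":
    for host, verdict in triage_fleet(SAMPLE_OUTPUTS).items():
        print(f"{host}: {verdict}")
```

Devices reported as in-scope still need their software release compared against the fixed releases listed in the advisory before being counted as vulnerable.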
Cisco has confirmed that no workarounds exist to mitigate this vulnerability, making software updates the only viable solution for affected organizations.
The company has released free software updates that completely address the security flaw, and customers with active service contracts can obtain these fixes through their regular update channels.
Several Cisco products remain unaffected by this vulnerability, including Secure Firewall Adaptive Security Appliance (ASA) Software, Secure Firewall Management Center (FMC) Software, and various other security platforms in Cisco’s portfolio.
The vulnerability was discovered during the resolution of a Cisco Technical Assistance Center support case, and the company’s Product Security Incident Response Team reports no evidence of active exploitation or public announcements regarding malicious use of this flaw.
This advisory is part of Cisco’s August 2025 semiannual security advisory bundle for Secure Firewall products. Customers are strongly encouraged to apply the available software updates immediately to protect their network infrastructure from potential attacks.
Organizations without service contracts can contact Cisco’s Technical Assistance Center for upgrade assistance, provided they can demonstrate entitlement through product serial numbers and reference to this security advisory.
The post Cisco Secure Firewall Snort 3 Flaw Could Let Attackers Trigger DoS Attacks appeared first on Cyber Security News.