CVE-2023-20270

Summary

CVE-2023-20270 is a vulnerability affecting the interaction between the Server Message Block (SMB) protocol preprocessor and the Snort 3 detection engine in Cisco Firepower Threat Defense (FTD) Software. An unauthenticated, remote attacker can exploit this issue by sending maliciously crafted SMB packet streams, leading to policy bypass or a denial of service (DoS) condition. This vulnerability arises due to inadequate error-checking within the Snort 3 detection engine as it processes SMB traffic. A successful attack could cause the Snort process to reload, resulting in a DoS incident.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.