433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Cisco Secure Firewall Threat Defense Software TLS with Snort 3 Detection Engine Denial of Service Vulnerability

A vulnerability in the TLS cryptography functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to unexpectedly restart, resulting in a denial of service (DoS) condition. This vulnerability is due to improper implementation of the TLS protocol. An attacker could exploit this vulnerability by sending a crafted TLS packet to an affected system. A successful exploit could allow the attacker to cause a device that is running Cisco Secure FTD Software to drop network traffic, resulting in a DoS condition.
Note: TLS 1.3 is not affected by this vulnerability.
Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-rHfqnwRg
This advisory is part of the March 2026 release of the Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: March 2026 Semiannual Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication.
Security Impact Rating: Medium
CVE: CVE-2026-20006
http://news.poseidon-us.com/TRHpPy

Multiple Cisco Products Snort 3 Denial of Service Vulnerabilities

Multiple Cisco products are affected by vulnerabilities in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. For more information about these vulnerabilities, see the Details section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-multi-dos-XFWkWSwz
This advisory is part of the March 2026 release of the Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: March 2026 Semiannual Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication.
Security Impact Rating: Medium
CVE: CVE-2026-20005, CVE-2026-20065, CVE-2026-20066, CVE-2026-20067, CVE-2026-20068
http://news.poseidon-us.com/TRHpNk

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software IPsec Denial of Service Vulnerability

A vulnerability in the processing of Galois/Counter Mode (GCM)-encrypted Internet Key Exchange version 2 (IKEv2) IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to the allocation of an insufficiently sized block of memory. An attacker could exploit this vulnerability by sending crafted GCM-encrypted IPsec traffic to an affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. To exploit this vulnerability, the attacker must have valid credentials to establish a VPN connection with the affected device.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-esp-dos-uv7yD8P5
This advisory is part of the March 2026 release of the Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: March 2026 Semiannual Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication.
Security Impact Rating: High
CVE: CVE-2026-20049
http://news.poseidon-us.com/TRHpNW

Cisco Secure Firewall Adaptive Security Appliance Software Multiple Context Mode SCP Unauthorized File Access Vulnerability

A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software in multiple context mode could allow an authenticated, local attacker with administrative privileges in one context to copy files to or from another context, including configuration files.
This vulnerability is due to improper access controls for Secure Copy Protocol (SCP) operations when the Cisco SSH stack is enabled. An attacker could exploit this vulnerability by authenticating to a non-admin context of the device and issuing crafted SCP copy commands in that non-admin context. A successful exploit could allow the attacker to read, create, or overwrite sensitive files that belong to another context, including the admin and system contexts. The attacker cannot directly impact the availability of services that pertain to other contexts. To exploit this vulnerability, the attacker must have valid administrative credentials for a non-admin context.
Note: An attacker cannot list or enumerate files from another context and would need to know the exact file path, which increases the complexity of a successful attack.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-scpcxt-filecpy-rgeP73nE
This advisory is part of the March 2026 release of the Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: March 2026 Semiannual Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication.
Security Impact Rating: High
CVE: CVE-2026-20062
http://news.poseidon-us.com/TRHpNC

Multiple Cisco Products Snort 3 Visual Basic for Applications Denial of Service Vulnerabilities

Multiple Cisco products are affected by vulnerabilities in the Snort 3 Visual Basic for Applications (VBA) Decompression Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to unexpectedly restart, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are workarounds that address these vulnerabilities.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-vbavuls-96UcVVed
This advisory is part of the March 2026 release of the Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: March 2026 Semiannual Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication.
Security Impact Rating: Medium
CVE: CVE-2026-20053, CVE-2026-20054, CVE-2026-20057, CVE-2026-20058
http://news.poseidon-us.com/TRHpMb

Cisco Secure Firewall Adaptive Security Appliance Software TCP Flood Denial of Service Vulnerability

A vulnerability in the handling of the embryonic connection limits in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause incoming TCP SYN packets to be dropped incorrectly. This vulnerability is due to improper handling of new, incoming TCP connections that are destined to management or data interfaces when the device is under a TCP SYN flood attack. An attacker could exploit this vulnerability by sending a crafted stream of traffic to an affected device. A successful exploit could allow the attacker to prevent all incoming TCP connections to the device from being established, including remote management access, Remote Access VPN (RAVPN) connections, and all network protocols that are TCP-based. This results in a denial of service (DoS) condition for affected features.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-FCvLD6vR
This advisory is part of the March 2026 release of the Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: March 2026 Semiannual Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication.
Security Impact Rating: High
CVE: CVE-2026-20082
http://news.poseidon-us.com/TRHpKg

Digital.ai expands post-build protection for Android and iOS applications

Software security has reached an inflection point as AI development tools increase the volume and velocity of software releases, while AI is also powering the next generation of threat actors driving attack volume and sophistication to new heights. For security teams, this is not just acceleration – it is multiplication: more apps, more releases, and more opportunities for attackers. The challenge is no longer protecting just flagship applications but securing all Android and iOS releases …
The post Digital.ai expands post-build protection for Android and iOS applications appeared first on Help Net Security.
http://news.poseidon-us.com/TRHl45

Tufin’s AI-powered tools simplify network security operations

Tufin announced its latest AI-powered innovations, enabling customers to utilize its Unified Control Plane to accelerate issue resolution, reduce operational friction, and limit risk – even as network complexity continues to grow. Security teams face pressure to move faster while maintaining a secure network environment. The complexity of the network makes it harder and harder to keep tabs on where potential problems are and opens up opportunities for attackers using advanced AI tools to take …
The post Tufin’s AI-powered tools simplify network security operations appeared first on Help Net Security.
http://news.poseidon-us.com/TRHl3G

Webinar: The True State of Security 2026

AI has become the most popular scapegoat in security. While the risk is real, the obsession is costly. Most security failures don’t start with AI. They start with people, access, and security workflows that don’t scale. This webinar aims to reframe the conversation and show why the imbalance is the real threat to modern organizations.
In this webinar, you’ll gain insight into:
- Why AI is distracting teams from more persistent risks
- How human access and …
The post Webinar: The True State of Security 2026 appeared first on Help Net Security.
http://news.poseidon-us.com/TRHgVZ

Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500)

A critical RCE vulnerability (CVE-2025-14500) in IceWarp, an EU-made business communication and collaboration platform, may be exploited by attackers to gain unauthorized access to exposed unpatched servers. According to the Shadowserver Foundation, there are currently over 1,200 internet-facing instances that have yet to receive a fix, and the organization is sending out alerts to the owners, urging them to update.
About CVE-2025-14500
IceWarp, developed by the Czech company of the same name, is a business …
The post Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500) appeared first on Help Net Security.
http://news.poseidon-us.com/TRHgV1