TL;DR 📌
A high-severity denial of service (DoS) vulnerability has been identified in the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense Software. An unauthenticated remote attacker can exploit this issue, leading to potential service disruptions. Cisco has released software updates to address this vulnerability, but no workarounds are available.
What happened 🕵️♂️
A vulnerability in the packet inspection functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition on affected devices. This issue arises from incorrect processing of traffic being inspected, which can lead to an infinite loop during traffic inspection. Although the system watchdog will automatically restart the Snort process, the vulnerability poses a significant risk of service interruption.