Detections
Analytics
Cisco Meraki Multiple Vulnerabilities (cisco-sa-snort3-dcerpc-vulns-J9HNF4tH)
medium Nessus Plugin ID 290254
Synopsis
The remote Cisco Meraki device is potentially missing one or more security-related updates.Description
According to its self-reported version, the Cisco Meraki device is affected by the following vulnerabilities.:- A vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in buffer handling logic when processing DCE/RPC requests, which can result in a buffer use-after-free read. An attacker could exploit this vulnerability by sending a large number of DCE/RPC requests through an established connection that is inspected by Snort 3. A successful exploit could allow the attacker to unexpectedly restart the Snort 3 Detection Engine, which could cause a denial of service (DoS). (CVE-2026-20026)
- A vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in buffer handling logic when processing DCE/RPC requests, which can result in a buffer out-of-bounds read. An attacker could exploit this vulnerability by sending a large number of DCE/RPC requests through an established connection that is inspected by Snort 3. A successful exploit could allow the attacker to obtain sensitive information in the Snort 3 data stream. (CVE-2026-20027)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCwq75339, CSCwq75359, CSCwr21376, CSCwr21389See Also
http://www.nessus.org/u?eb34775f
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwq75339
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwq75359
Plugin Details
Severity: Medium
ID: 290254
File Name: cisco-sa-snort3-dcerpc-vulns-J9HNF4tH-meraki.nasl
Version: 1.1
Type: remote
Family: CISCO
Published: 1/16/2026
Updated: 1/16/2026
Configuration: Enable paranoid mode
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 2.9
CVSS v3
Risk Factor: Medium
Base Score: 5.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Vulnerability Information
CPE: cpe:/h:cisco:meraki
Required KB Items: installed_sw/Cisco Meraki, Settings/ParanoidReport
Patch Publication Date: 1/7/2026
Vulnerability Publication Date: 1/7/2026
Reference Information
CVE: CVE-2026-20026, CVE-2026-20027
CISCO-SA: cisco-sa-snort3-dcerpc-vulns-J9HNF4tH
IAVA: 2026-A-0029
CISCO-BUG-ID: CSCwq75339, CSCwq75359, CSCwr21376, CSCwr21389