Meraki

Community

Medium Rated CVE's Impacting Meraki MX - CVE-2026-20026, CVE-2026-20027

Brash
Kind of a big deal
Kind of a big deal
‎Jan 13 2026 7:14 PM
‎Jan 13 2026 7:14 PM

Medium Rated CVE's Impacting Meraki MX - CVE-2026-20026, CVE-2026-20027

Just noting here for anyone who has to have tight controls around vulnerabilities in their environment.

Meraki MX's (along with FTD's and some IOS-XE devices) are affected by vulnerabilities related to the Snort Engine.

 

Advisory: Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilit...
CVE Base Score: 5.8
Fixed Release: There is currently no fixed release for Meraki MX noted in the security advisory

4 Replies 4
RWelch
Kind of a big deal
Kind of a big deal
‎Jan 13 2026 7:35 PM
‎Jan 13 2026 7:35 PM

Thank you for sharing (awareness).

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
RaphaelL
Kind of a big deal
Kind of a big deal
‎Jan 14 2026 6:24 AM
‎Jan 14 2026 6:24 AM

Curious to see which firmware train is going to receive the fix. 

 

Anything higher than 17.6 runs Snort3.

0 Kudos
jbright
A model citizen
‎Jan 14 2026 8:36 AM
‎Jan 14 2026 8:36 AM

Cisco plans to release fixes for Cisco Meraki software in February 2026.

BlakeRichardson
Kind of a big deal
Kind of a big deal
‎Jan 15 2026 10:59 AM
‎Jan 15 2026 10:59 AM

Thanks for sharing. 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2026 Cisco Systems, Inc.