Cisco warns of advanced security flaws in iOS and iOS XE software that allow remote attackers to execute arbitrary code under certain circumstances or trigger denial of service (DOS) conditions.
The company added that the vulnerability, CVE-2025-20352 (CVSS score: 7.7), has been utilized in the wild, and has been noticed “after local administrator qualifications have been compromised.”
According to the Networking Equipment major, the issue is rooted in a simple Network Management Protocol (SNMP) subsystem that occurs as a result of a stack overflow condition.
An authenticated remote attacker could exploit the flaw by sending crafted SNMP packets to the affected devices over an IPv4 or IPv6 network.
However, Cisco pointed out that for this to happen, the following conditions must be met –
To cause DOS, the attacker must have snmpv2c or a previous read-only community string or valid snmpv3 user credentials. You must run the code as the root user.
The company said the issue is affecting all versions of SNMP, as well as Meraki MS390 and Cisco Catalyst 9300 series switches. Fixed in Cisco iOS XE Software Release 17.15.4a. Cisco IOS XR software and NX-OS software are not affected.
“This vulnerability affects all versions of SNMP. Any device that has SNMP enabled and does not explicitly exclude an affected object ID (OID) should be considered vulnerable,” Cisco said.
There is no workaround to resolve CVE-2025-20352, but one mitigation Cisco proposes involves enabling SNMP access on affected systems only to trusted users, and running the “Show SNMP host” command to monitor the system.
“Admins can disable affected OIDs on devices,” he added. “Not all software supports OIDs listed in Millimeters. If the OID is not enabled for certain software, this vulnerability is not affected. Excluding these OIDs, it can affect device management via SNMP, such as discovery and hardware inventory.”
Source link
