—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

SNMP Denial of Service and Remote Code Execution Vulnerability in Cisco IOS and IOS XE 

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: CRITICAL

Software Affected

Cisco IOS Software

Cisco IOS XE Software

Overview

A vulnerability has been reported in Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE which could allow a remote attacker to execute code as the root user, cause Denial of Service (DoS) and Remote Code Execution (RCE) on targeted system.

Target Audience:

All System, Network Administrators, Security Operations, Incident Response (SOC/IR) immediately identifies and isolate affected Cisco devices.

Risk Assessment:

High risk of data manipulation and service disruption.

Impact Assessment:

Potential impact on confidentiality, Integrity and availability of System.

Description

A vulnerability exists in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and Cisco IOS XE Software due to a stack overflow condition. A remote attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device over IPv4 or IPv6 networks.

Successfully exploitation of this vulnerability  could allow an attacker with a low-privileged malicious user to cause the affected system to reload, resulting in a DoS condition, or allow a high-privileged malicious user to execute arbitrary code  with root-level privileges, gaining full control over the affected device.

Note: This Vulnerability (CVE-2025-20352) is being exploited in the wild. Users are advised to apply the patches urgently.

Solution

Apply appropriate updates as mentioned in:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte

Vendor Information

CISCO

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte

References

 

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte

https://www.bleepingcomputer.com/news/security/cisco-warns-of-ios-zero-day-vulnerability-exploited-in-attacks/

CVE Name

CVE-2025-20352

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmjVVosACgkQ3jCgcSdc

ys+7qA//cm1lxnc/rosfY/waZgVa17sreDgmsraqF1wFZB8MO2cQJHSsBHrWwLyn

s53OvfyESqU07nde9y9Tond6Jmx6TFKHmDd+OZQQxxFfea0Ji3DOTBxjZcBZJIPn

Z3C/J7VuRJoXU3Lfn8p+uXE0TFmdwHRZsvFEatOX1ls+zBCerMNsw568VEjrP26W

8aouXHTSR+Arv4GTGR7cxzVOtpPH2ZnGja35e9k/yBC68FzGM9inWr35i7bopSU4

2He/QwyJx9j5538WTIOH4lpgA5EmGP743fbadMnjLQum+LP3EGsO8t/pBM0MYwU0

s/MA5YHw7z4C8Z2y5oKfPXp3KrnyHQHRC3XwJExy9fz5j1Ry3PTo//eJ1cGkxudu

KII7gSdmbk2OHxxKvjfPp2+PDqc79aTPry4KUUvO1OSJOkrliNw3NEDhskG7lhtb

zkKkZ/PEI4TwNJaMvWoFbwZs6KzvFgAKsU49ssqTwvm1LEEnAatDoQrdBhbSYvKu

24La9BiDD0rqSTpk3iAc9VqRld4Mv8CgdnFRSuAqE/5avQ034YrUUU3joREflZFi

S964UDmh0LzOe5N3Waf3SAzii0HfmRW0og/tCn9oS7mVYDzWVmN0mtoOTb81MvS5

Nmr92jsbJuaJncTgxj7nITdL+LmZG2nHedQUKHX0oeOywxP8DGo=

=Zg08

—–END PGP SIGNATURE—–