—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Simple Network Management Protocol (SNMP) Denial of Service Vulnerability in CISCO 

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: HIGH

Software Affected

Cisco IOS XE Software

Overview

A vulnerability has been reported in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

Target Audience: 

All IT administrators and individuals responsible for maintaining and updating in Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE Software.

Risk Assessment:

High risk of data manipulation and service disruption.

Impact Assessment:

Potential impact on confidentiality, integrity, and availability of the system.

Description

This vulnerability exists due to improper error handling when parsing a specific SNMP request. An attacker could exploit this vulnerability by sending a specific SNMP request to an affected device.

Successful exploitation of this vulnerability could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.

Solution

Apply appropriate updates as mentioned in Cisco Advisory

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmpwred-x3MJyf5M

Vendor Information

CISCO

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmpwred-x3MJyf5M

References

CISCO

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmpwred-x3MJyf5M

CVE Name

CVE-2025-20312

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmjWl3kACgkQ3jCgcSdc

ys9S2BAAp6zK8kF1aCbBqerHp5lSAvbL8DTh1y/ZrxnxP3OVGFYWcLVb544VZ7af

5OOQS+F9Hqd3+VJgB1weEIBy597ZBufkYuQxR9C4iPwrScoCfpgKGeNaJKGn5BB4

OujXoKO7ugS41JMjVwBd7hgBoOb9Z1MdFTUnSzbcQEKAOMyiDyEm/CTzy+jhJqYZ

GNET5b1Sti15XndNCKaHOi1mIDzj0tcXRTXHWRlfO1hBrM0ujRcMDPvaD491qivW

k8ERDxcQfgJVO1UHRW0wGGWyPOt0x4xZ9+ALo3jN3Dd/2Kiy+uI6C8CItgps2QmV

ECKGvxOgsAxqw75XtvIljJMMk2eTVc1USpd4+BiisJaPuJ3Ye1pNrdKaWklcIZHq

2r4QGF8egYdWjqWq5U0Pmj3K0kNmhjznn9bUSSFGCx8Khuk4g/6bx8UtuGLmAIlh

dgJBm8k1Cvh45BytshCSptUq/4aNy/JqqC1GtsGPihmOsKfJNnliE05ByKZ5Sy0E

WdzsNDE4fgnnz8pmt7yI/HZOCre1RzR/HyFibhreO3uGqRs9rxwq1LufcMxDI5zA

J7/JTAClI9oQfatVlFNkFYgFtBYGxNYbd4MiEkrMMu46yXHYGn4jHZmQsQe5zie8

44LfhInVUUIral0oC4c5aTZhJsPuJZSrY4e7zzfZ7Mh2IbtyDPA=

=NB+y

—–END PGP SIGNATURE—–