- Cisco patches CVE-2025-20352, a high-severity SNMP flaw actively exploited in the wild
- Attackers can cause a DoS or gain root access using SNMP packets and credentials
- There is no workaround; users must apply the Cisco patch or use temporary mitigation steps
Cisco has patched a high-severity vulnerability in its IOS and IOS XE software that it says is being actively exploited in the wild.
In a recently published security advisory, the company said it discovered and fixed a stack overflow condition in the Simple Network Management Protocol (SNMP) subsystem of the operating system. It is tracked as CVE-2025-20352 and has a severity score of 7.7/10 (high).
Successfully exploiting the flaw could give low-privileged attackers the ability to reload affected systems and cause a denial-of-service (DoS) condition. A high-privileged attacker, on the other hand, could use the flaw to execute arbitrary code as the root user and take over the compromised endpoints.
Patches and mitigations
To cause the DoS, the attacker must have the SNMPv2c or earlier read-only community string or valid SNMPv3 user credentials, the networking giant explained.
To execute code as the root user, the attacker must have the SNMPv1 or v2c read-only community string or valid SNMPv3 user credentials, plus administrative or privilege 15 credentials on the affected device. The flaw could be exploited through a crafted SNMP packet sent over IPv4 or IPv6.
All devices running a vulnerable version of IOS and IOS XE are affected, the company stressed, adding that all older versions of SNMP were affected. This also includes the MS390 and Cisco Catalyst 9300 Series switches running Meraki CS 17.
To address the vulnerability, Cisco released a patch and warned users to apply it immediately, since the flaw is being actively abused in the wild: “The Cisco Product Security Incident Response Team (PSIRT) became aware of successful exploitation of this vulnerability in the wild after local Administrator credentials were compromised,” the company said.
There are no workarounds that address the flaw, but there is a mitigation that can be used as a temporary measure until the patch is deployed. You can find more details about the mitigation at this link.
Via BleepingComputer