"However, Cisco noted that for this to happen, the following conditions need to be met - To cause the DoS, the attacker must have the SNMPv2c or earlier read-only community string or valid SNMPv3 user credentials To execute code as the root user, the attacker must have the SNMPv1 or v2c read-only community string or valid SNMPv3 user credentials and administrative or privilege 15 credentials on the affected device"
"The company said the issue affects all versions of SNMP, as well as Meraki MS390 and Cisco Catalyst 9300 Series Switches that are running Meraki CS 17 and earlier. It has been fixed in Cisco IOS XE Software Release 17.15.4a. Cisco IOS XR Software and NX-OS Software are not impacted. "This vulnerability affects all versions of SNMP. All devices that have SNMP enabled and have not explicitly excluded the affected object ID (OID) should be considered vulnerable," Cisco said."
A high-severity SNMP stack overflow vulnerability (CVE-2025-20352, CVSS 7.7) in IOS and IOS XE has been exploited after local administrator credentials were compromised. The flaw resides in the SNMP subsystem and can be triggered by an authenticated remote attacker sending a crafted SNMP packet over IPv4 or IPv6. Low-privilege SNMP access can cause a denial-of-service, while SNMP credentials plus administrative (privilege 15) credentials can enable arbitrary code execution as root. All SNMP versions and devices with SNMP enabled (unless the affected OID is explicitly excluded) are vulnerable. The issue is fixed in IOS XE 17.15.4a; IOS XR and NX-OS are not impacted. No complete workarounds exist; restrict SNMP access to trusted users and monitor SNMP activity.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]