
"Attackers with low-privilege SNMP creds can crash a device, while those with higher-privilege access can run arbitrary code as root - a straight shot to total box compromise. 'The Cisco Product Security Incident Response Team (PSIRT) became aware of successful exploitation of this vulnerability in the wild after local Administrator credentials were compromised,' the company said. 'Cisco strongly recommends that customers upgrade to a fixed software release to remediate this vulnerability.'"
"There's no clever workaround this time, and the only reliable mitigation is to patch. Cisco suggests admins can buy themselves a little time by restricting SNMP access to trusted management hosts, but that's cold comfort if the attacker is already inside the fence. Alongside this fix, Cisco bundled updates for a cross-site scripting vulnerability and a denial-of-service flaw, though CVE-2025-20352 is the one that is raising the alarm bells."
Cisco confirmed a zero-day in IOS and IOS XE, CVE-2025-20352, located in the SNMP subsystem and triggerable via a malicious IPv4 or IPv6 packet when SNMP is enabled. Low-privilege SNMP credentials can cause device crashes, while higher-privilege access permits arbitrary code execution as root, enabling full compromise. Cisco PSIRT observed exploitation after local Administrator credentials were compromised and recommends upgrading to fixed releases. No reliable workaround exists beyond patching; restricting SNMP to trusted management hosts offers only limited temporary mitigation. Updates also address an XSS issue and a denial-of-service flaw.
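The interim step mentioned above, restricting SNMP to trusted management hosts, can be checked offline against a saved running-config. The following is an added example, not code from the article or from Cisco: it flags `snmp-server community` and `snmp-server group` lines that are not bound to an ACL the config defines. It assumes the standard IOS command forms for those lines, and the sample config is constructed.

```python
import re

# Constructed sample in IOS running-config style (not taken from a real device).
SAMPLE_CONFIG = """\
hostname lab-sw1
ip access-list standard SNMP-MGMT
 permit 192.0.2.10
 deny   any log
snmp-server community monitorRO RO SNMP-MGMT
snmp-server community legacyRW RW
snmp-server community viewonly view SYSVIEW RO 99
snmp-server group OPS v3 priv
snmp-server group NOC v3 priv access SNMP-MGMT
"""

ACL_DEF = re.compile(r"^(?:ip(?:v6)? access-list(?: standard| extended)? (\S+)|access-list (\d+) )")

def defined_acls(lines):
    """Collect the names and numbers of ACLs the config actually defines."""
    return {m.group(1) or m.group(2) for m in map(ACL_DEF.match, lines) if m}

def referenced_acls(tokens, kind):
    """Return the ACL names a community or group line binds to."""
    if kind == "group":  # on group lines the ACLs follow the 'access' keyword
        tokens = tokens[tokens.index("access") + 1:] if "access" in tokens else []
    acls, skip = [], False
    for tok in tokens:
        if skip:
            skip = False
        elif tok.lower() == "view":
            skip = True  # next token is a view name, not an ACL
        elif tok.lower() not in ("ro", "rw", "ipv6"):
            acls.append(tok)
    return acls

def audit_snmp(config):
    """Return (line_no, kind, issue); line numbers avoid echoing community strings."""
    lines, findings = config.splitlines(), []
    known = defined_acls(lines)
    for no, line in enumerate(lines, 1):
        tok = line.split()
        if len(tok) < 3 or tok[0] != "snmp-server" or tok[1] not in ("community", "group"):
            continue
        acls = referenced_acls(tok[3:], tok[1])
        if not acls:
            findings.append((no, tok[1], "no ACL: reachable from any source address"))
        findings += [(no, tok[1], f"ACL {a} referenced but not defined")
                     for a in acls if a not in known]
    return findings
```

A clean result only shows that SNMP access is source-restricted; as the article notes, that buys time and does not replace upgrading to a fixed release.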
Read at The Register