#cisco-ios

Information security
from Ars Technica
1 day ago

As many as 2 million Cisco devices affected by actively exploited 0-day

Up to two million Cisco IOS and IOS XE devices are vulnerable to CVE-2025-20352, an SNMP stack overflow allowing remote DoS or root-level code execution.
from The Register
1 day ago

Zero-day deja vu: Another Cisco IOS bug is under attack

Attackers with low-privilege SNMP creds can crash a device, while those with higher-privilege access can run arbitrary code as root - a straight shot to total box compromise. "The Cisco Product Security Incident Response Team (PSIRT) became aware of successful exploitation of this vulnerability in the wild after local Administrator credentials were compromised," the company said. "Cisco strongly recommends that customers upgrade to a fixed software release to remediate this vulnerability."
Information security