A stack-overflow SNMP zero-day in Cisco IOS/IOS XE (CVE-2025-20352) enables remote code execution or DoS; about two million internet-exposed devices may be vulnerable.
Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software
A high-severity SNMP stack overflow (CVE-2025-20352) in Cisco IOS/IOS XE enables remote code execution or DoS when an attacker has specific SNMP and administrative credentials.
As many as 2 million Cisco devices affected by actively exploited 0-day
Up to two million Cisco IOS and IOS XE devices are vulnerable to CVE-2025-20352, an SNMP stack overflow allowing remote DoS or root-level code execution.
Cisco Patches Zero-Day Flaw Affecting Routers and Switches
A critical SNMP stack overflow (CVE-2025-20352) in IOS/IOS XE is being exploited; apply Cisco patches immediately to prevent DoS or remote root code execution.