CVE-2025-20172 — Uncaught Exception in Cisco IOS XE Software

CWE-248 — Uncaught Exception CWE-805 — Buffer Access with Incorrect Length Value4 documents4 sources

Severity

7.7HIGHNVD

EPSS

0.3%

top 46.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco IOS XE Software Cisco IOS XR Software Cisco IOS +2 more

Timeline

PublishedFeb 5

Description

A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. For Cisco IOS and IOS XE Software, a successful exploit could allow the attacker to cause the device to reload u…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HExploitability: 3.1 | Impact: 4.0

Affected Packages6 packages

▶CVEListV5cisco/cisco_ios_xe_software426 versions+425

▶CVEListV5cisco/cisco_ios_xr_software48 versions+47

▶CVEListV5cisco/ios678 versions+677

▶NVDcisco/ios678 versions+677

▶NVDcisco/ios_xe426 versions+425

🔴Vulnerability Details

CVEList

CVE-2025-20172: A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote att↗2025-02-05

▶

GHSA

GHSA-fg9r-rh56-7jcv: A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote att↗2025-02-05

▶

📋Vendor Advisories

Cisco

Cisco IOS, IOS XE, and IOS XR Software SNMP Denial of Service Vulnerabilities↗2025-02-05

▶