⚠ Actively exploited

Added to CISA KEV on 2025-09-29. Federal agencies required to patch by 2025-10-20. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable..

CVE-2025-20352

CWE-121 — Stack-based Buffer Overflow14 documents8 sources

Severity

7.7HIGH

EPSS

2.7%

top 14.17%

CISA KEV

KEV

Added 2025-09-29

Due 2025-10-20

Exploit

No known exploits

Affected products

Cisco Cisco IOS XE Catalyst Sd-wan Cisco Cisco IOS XE Software Cisco IOS +2 more

Timeline

PublishedSep 24

KEV addedSep 29

Latest updateOct 16

KEV dueOct 20

CISA Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Description

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following: An authenticated, remote attacker with low privileges could cause a denial of service (DoS) condition on an affected device that is running Cisco IOS Software or Cisco IOS XE Software. To cause the DoS, the attacker must have the SNMPv2c or earlier read-only community string or valid SNMPv3 user credentials. An authenticated, remote attacker with h…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HExploitability: 3.1 | Impact: 4.0

Affected Packages6 packages

▶CVEListV5cisco/cisco_ios_xe_software349 versions+348

▶CVEListV5cisco/ios726 versions+725

▶NVDcisco/ios726 versions+725

▶NVDcisco/ios_xe349 versions+348

▶NVDcisco/ios_xe_sd-wan21 versions+20

🔴Vulnerability Details

CVEList

CVE-2025-20352: A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following:↗2025-09-24

▶

GHSA

GHSA-c924-mch4-p3p3: A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following:↗2025-09-24

▶

VulnCheck

Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability↗2025

▶

📋Vendor Advisories

CISA

Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability↗2025-09-29

▶

Cisco

Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability↗2025-09-24

▶

🕵️Threat Intelligence

Bleepingcomputer

Hackers exploit Cisco SNMP flaw to deploy rootkit on switches↗2025-10-16

▶

Trendmicro

Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits↗2025-10-15

▶

Trendmicro

Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits↗2025-10-15

▶

Trendmicro

Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits↗2025-10-15

▶

Trendmicro

Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits↗2025-10-15

▶