SNMP Vulnerability in Cisco IOS, IOS XE, and IOS XR Software
CVE-2025-20172
Summary
This vulnerability exists in the SNMP subsystem of Cisco IOS, IOS XE, and IOS XR Software. It arises from improper error handling during the parsing of SNMP requests. An authenticated, remote attacker who sends a specially crafted SNMP request can cause a device running IOS or IOS XE to reload unexpectedly, leading to downtime, or can disrupt the SNMP process on a device running IOS XR, interrupting SNMP responses. Exploitation requires knowledge of a valid SNMP community string for SNMP v2c or earlier, or valid SNMP user credentials for SNMP v3.
Affected Version(s)
Cisco IOS XE Software 3.7.0S
Cisco IOS XE Software 3.7.1S
Cisco IOS XE Software 3.7.2S
Timeline
Exploit known to exist
Vulnerability published
Vulnerability Reserved