CVE-2025-20169
CVSS 3.1 Score 7.7 of 10 (high)
Details
Summary
CVE-2025-20169 is a vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software. An authenticated, remote attacker can exploit it by sending a maliciously crafted SNMP request, causing a denial-of-service (DoS) condition on the affected device. The root cause is improper error handling during SNMP request parsing. The vulnerability affects SNMP versions 1, 2c, and 3. For SNMP v2c and earlier, the attacker needs a valid read-write or read-only community string. For SNMP v3, the attacker needs valid SNMP user credentials.