CVE-2025-20175

Summary

CVE-2025-20175 is a vulnerability impacting the SNMP subsystem in Cisco IOS Software and Cisco IOS XE Software. This issue results from improper error handling while parsing SNMP requests, potentially allowing an authenticated, remote attacker to cause a Denial of Service (DoS) condition on susceptible devices. The vulnerability affects SNMP versions 1, 2c, and 3. To exploit this weakness via SNMP v2c or earlier, an attacker requires a valid read-write or read-only SNMP community string for the targeted system. For SNMP v3, the attacker must possess legitimate SNMP user credentials. Successful exploitation could lead to the device unexpectedly reloading, inducing a DoS condition.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.