CVE-2025-20176

CVSS 3.1 Score 7.7 of 10 (high)

Details

Published Feb 5, 2025

Summary

CVE-2025-20176 is a vulnerability affecting the SNMP subsystem in Cisco IOS Software and Cisco IOS XE Software. This issue arises from improper error handling when processing SNMP requests, which enables an authenticated, remote attacker to trigger a Denial of Service (DoS) condition on the affected device. The vulnerability can potentially cause the device to reload unexpectedly. SNMP versions 1, 2c, and 3 are susceptible to this vulnerability. For SNMP v2c and earlier, an attacker requires a valid read-write or read-only community string. For SNMP v3, valid SNMP user credentials are required to exploit the vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3Fa-nK
https://www.cve.org/CVERecord?id=CVE-2025-20176
https://nvd.nist.gov/vuln/detail/CVE-2025-20176

Back to Vulnerability Database

CVE-2025-20176

CVSS 3.1 Score 7.7 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations