Cyber Web Spider Blog – News

Cisco Patches Zero-Day Flaw Affecting Routers and Switches

Posted on September 25, 2025 By CWS

Cisco on Wednesday announced patches for 14 vulnerabilities in IOS and IOS XE, including a bug that has been exploited in the wild.

The exploited flaw, tracked as CVE-2025-20352 (CVSS score of 7.7), is described as a stack overflow condition in the Simple Network Management Protocol (SNMP) subsystem of IOS and IOS XE that can be exploited by sending crafted SNMP packets to a vulnerable router or switch.

Attackers with low privileges, Cisco explains, can exploit the issue to cause a denial-of-service (DoS) condition. High-privileged attackers could exploit it to execute arbitrary code remotely as the root user.

“To execute code as the root user, the attacker will need to have the SNMPv1 or v2c read-only community string or valid SNMPv3 user credentials and administrative or privilege 15 credentials on the affected device,” Cisco notes in its advisory.

All devices running vulnerable IOS and IOS XE releases are affected, as well as Meraki MS390 and Catalyst 9300 series switches running Meraki CS 17 and earlier releases.

Cisco urges customers to update their devices to a patched release as soon as possible, because the security defect has been exploited in the wild by attackers using compromised administrator credentials.

The fresh round of IOS and IOS XE patches, released as part of Cisco’s semiannual bundled publication, resolves eight other high-severity vulnerabilities that could lead to DoS conditions, code execution during boot, command execution with root privileges, authentication bypass, and data leaks.

The remaining five bugs, all medium-severity, could lead to DoS conditions, XSS attacks, command execution with root privileges, access control list (ACL) bypass, or access to the device’s public-key infrastructure (PKI) server.

Cisco says proof-of-concept (PoC) exploit code exists for two of these issues, tracked as CVE-2025-20240 and CVE-2025-20149, but points out that it is not aware of their exploitation.

Three other medium-severity bugs patched this week affect Cisco’s SD-WAN vEdge, Access Point, and Wireless Access Point (AP) software and could lead to ACL bypass, IPv6 gateway tampering, and Device Analytics data tampering.

Cisco says it is not aware of any of these flaws being exploited in the wild. Additional information can be found on the company’s security advisories page.
