Cisco warns zero-day vulnerability exploited in attacks on IOS software

By Sead Fadilpašić

Copyright techradar

25 September 2025

A patch is already available, so update now


Cisco patches CVE-2025-20352, a high-severity SNMP flaw actively exploited in the wild
Attackers can cause DoS or gain root access using crafted SNMP packets and credentials
No workaround exists; users must apply Cisco’s patch or use temporary mitigation steps

Cisco has patched a high-severity vulnerability in its IOS and IOS XE Software that it says is being actively exploited in the wild.

In a recently published security advisory, the company said it discovered, and fixed, a stack overflow condition in the Simple Network Management Protocol (SNMP) subsystem of the OS. It is tracked as CVE-2025-20352, and has a severity score of 7.7/10 (high).
Successfully exploiting the bug could grant low-privileged attackers the ability to reload the systems and cause a DoS condition. A high-privileged attacker, on the other hand, could use the bug to run arbitrary code as the root user, and fully take over the compromised endpoints.


Patches and mitigations
To cause the DoS, the attacker must have the SNMPv2c or earlier read-only community string or valid SNMPv3 user credentials, the networking giant explained.

To execute code as the root user, the attacker must have the SNMPv1 or v2c read-only community string or valid SNMPv3 user credentials and administrative or privilege 15 credentials on the affected device. The flaw could be exploited through a custom SNMP packet sent over IPv4 or IPv6.
All devices running a vulnerable release of IOS and IOS XE are affected, the company stressed, adding that all older versions of SNMP were flawed. This also includes Meraki MS390 and Cisco Catalyst 9300 Series Switches running Meraki CS 17.
To address the vulnerability, Cisco released a patch and warned users to apply it immediately, since the bug is being actively abused in the wild: “The Cisco Product Security Incident Response Team (PSIRT) became aware of successful exploitation of this vulnerability in the wild after local Administrator credentials were compromised,” the company said.

There are no workarounds to address the flaw, but there is a mitigation that can be used as a temporary solution until the patch is deployed. More details about the mitigation can be found on this link.
Via BleepingComputer
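
Because both outcomes described above depend on an attacker holding an SNMPv1/v2c community string or SNMPv3 credentials, a first triage step while patching is to inventory which devices define such access and whether it is limited by an access list. The following is an added example, not code from the article or from Cisco, and it does not implement Cisco's mitigation; the sample configuration, community names and ACL names are constructed.

```python
import re

# Constructed sample of IOS running-config lines; every name and ACL is made up.
SAMPLE_CONFIG = """\
hostname edge-sw-01
snmp-server community public RO
snmp-server community n0c-mon1tor RO 99
snmp-server community ops-write view OPSVIEW RW ipv6 V6-MGMT 98
snmp-server group NETOPS v3 priv
snmp-server location rack 12
"""

COMMUNITY = re.compile(r"^snmp-server community (\S+)(.*)$", re.IGNORECASE)
V3_GROUP = re.compile(r"^snmp-server group (\S+) v3 (noauth|auth|priv)\b", re.IGNORECASE)

def mask(secret):
    """Keep full community strings out of reports and tickets."""
    return secret[:2] + "***"

def audit_snmp(config_text):
    """List SNMP access definitions and whether an ACL limits who may use them."""
    findings = []
    for raw in config_text.splitlines():
        line = raw.strip()
        m = COMMUNITY.match(line)
        if m:
            access, acl4, acl6 = "ro", None, None  # IOS defaults to read-only
            tokens = iter(m.group(2).split())
            for tok in tokens:
                low = tok.lower()
                if low == "view":
                    next(tokens, None)           # skip the view name
                elif low in ("ro", "rw"):
                    access = low
                elif low == "ipv6":
                    acl6 = next(tokens, None)    # named IPv6 ACL follows
                else:
                    acl4 = tok                   # trailing IPv4 ACL number or name
            findings.append({"type": "v1/v2c community", "id": mask(m.group(1)),
                             "access": access, "acl_ipv4": acl4, "acl_ipv6": acl6})
            continue
        m = V3_GROUP.match(line)
        if m:
            findings.append({"type": "v3 group", "id": m.group(1),
                             "level": m.group(2).lower()})
    return findings

if __name__ == "__main__":
    for finding in audit_snmp(SAMPLE_CONFIG):
        print(finding)
```

A community with no IPv4 or IPv6 ACL is usable from any source that can reach the device over that protocol, so those entries are the ones to prioritise for patching and credential rotation.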

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
