
Cisco has issued security updates to address a zero-day vulnerability in Cisco IOS and IOS XE software that is currently being exploited in attacks.
Tracked as CVE-2025-20352, the flaw is caused by a stack-based buffer overflow weakness in the Simple Network Management Protocol (SNMP) subsystem of vulnerable IOS and IOS XE software, and it affects all devices with SNMP enabled.
Authenticated, remote attackers with low privileges can exploit this vulnerability to trigger denial-of-service (DoS) conditions on unpatched devices, while high-privileged attackers can gain complete control of a system running vulnerable Cisco IOS XE software by executing code as the root user.
“An attacker could exploit this vulnerability by sending an SNMP packet to an affected device over an IPv4 or IPv6 network,” Cisco said in a Wednesday advisory.
“The Cisco Product Security Incident Response Team (PSIRT) became aware of successful exploitation of this vulnerability in the wild after local administrator credentials were compromised. Cisco strongly recommends that customers upgrade to a fixed software release to address this vulnerability.”
While there are no workarounds that address this vulnerability other than applying the patch released today, Cisco said that administrators who cannot immediately upgrade vulnerable software can mitigate the issue by temporarily limiting SNMP access on affected systems.
The company warned, “To fully remediate this vulnerability and avoid the future risk described in this advisory, Cisco strongly recommends that customers upgrade to the fixed software indicated in this advisory.”
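Because the bug is reachable by any authenticated SNMP user, including read-only ones, the interim mitigation is to restrict which sources may speak SNMP to the device at all. The IOS configuration below is an added example, not taken from the article or from Cisco's advisory; the management host address 192.0.2.10, the ACL name, and the community and user names are placeholders to adapt to your own environment.

```cisco
! Added example (not from the article or Cisco's advisory): confine SNMP to one
! trusted management host until the fixed IOS / IOS XE release can be installed.
! 192.0.2.10 is a placeholder for the real network management station.
ip access-list standard SNMP-MGMT
 permit host 192.0.2.10
 deny   any log
!
! SNMPv2c: bind the (read-only) community to the ACL so packets from any other
! source are dropped before the SNMP subsystem parses them. Replace the
! community string; it is a placeholder.
snmp-server community REPLACE-ME RO SNMP-MGMT
!
! SNMPv3: the same ACL applied to a group, so even valid credentials are only
! usable from the management host. Passwords below are placeholders.
snmp-server group MONITOR v3 priv access SNMP-MGMT
snmp-server user nmsuser MONITOR v3 auth sha REPLACE-AUTH priv aes 128 REPLACE-PRIV
!
! Verify what is now reachable and from where
! show snmp community
! show snmp user
! show ip access-lists SNMP-MGMT
```

The `deny any log` entry makes rejected SNMP sources visible in syslog, which is useful for spotting probing from unexpected hosts while the device is still unpatched; since the observed exploitation followed a compromise of local administrator credentials, rotating community strings and SNMPv3 credentials at the same time is a sensible companion step.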
Today, Cisco also patched 13 other security vulnerabilities, two of which have proof-of-concept exploit code available.
First, a Cisco IOS XE reflected cross-site scripting (XSS) flaw, CVE-2025-20240, can be used by an unauthenticated, remote attacker to steal cookies from vulnerable devices.
Second, CVE-2025-20149 is a denial-of-service vulnerability that allows local attackers to force affected devices to reload.
In May, the company also patched a maximum-severity IOS XE flaw in Wireless LAN Controllers that allowed unauthenticated attackers to take over remote devices using a hard-coded JSON Web Token (JWT).