Cisco has disclosed multiple high-severity vulnerabilities in the Simple Network Management Protocol (SNMP) subsystem of its IOS, IOS XE, and IOS XR software.
These vulnerabilities could allow authenticated, remote attackers to trigger a Denial of Service (DoS) condition on affected devices.
The vulnerabilities are tracked under CVE-2025-20169, CVE-2025-20170, and CVE-2025-20171 and have a Common Vulnerability Scoring System (CVSS) base score of 7.7, indicating high risk.
Cisco SNMP for IOS Software Flaws
The vulnerabilities identified as CVE-2025-20169, CVE-2025-20170, and CVE-2025-20171 in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software may allow an authorized, remote attacker to trigger a DoS condition on an affected device.
These vulnerabilities are caused by improper error handling when parsing SNMP requests. An attacker could take advantage of this issue by submitting a crafted SNMP request to an affected device.
These issues affect all versions of SNMP: v1, v2c, and v3. To exploit these vulnerabilities, attackers must possess valid read-write or read-only community strings for SNMP v2c or earlier, and valid user credentials for SNMP v3.
Cisco credits security researcher “leg00m,” working with Trend Micro Zero Day Initiative, for identifying and reporting these critical issues.
Affected Products
Devices running a vulnerable version of Cisco IOS Software, IOS XE Software, or IOS XR Software with the SNMP feature enabled are at risk.
Administrators can verify SNMP configurations using the following commands:
For SNMP v1/v2c:
show running-config | include snmp-server community
For SNMP v3:
show running-config | include snmp-server group
show snmp user
Cisco has stated that no workarounds exist for these vulnerabilities but has recommended mitigations:
- Restrict SNMP access to trusted devices only.
- Disable vulnerable Object Identifiers (OIDs) where possible.
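An added example, not Cisco's tooling and not part of the advisory: a Python check that reads saved output of the verification commands above and flags community strings and SNMP groups with no ACL attached, which is the first mitigation listed. The sample lines, names and ACL identifiers are constructed, and the parser assumes the common IOS forms of snmp-server community and snmp-server group; it confirms only that an ACL is referenced, not what that ACL permits.

```python
# Constructed sample of "show running-config | include snmp-server ..." output.
SAMPLE = """\
snmp-server community EXAMPLE-RO RO 10
snmp-server community EXAMPLE-RW RW
snmp-server community EXAMPLE-V view LIMITED RO ipv6 V6-MGMT MGMT-HOSTS
snmp-server group OPS v3 priv read LIMITED access 10
snmp-server group LEGACY v3 auth write FULL
"""

def parse_community(rest):
    """rest = tokens after the community string -> (mode, ipv4_acl, ipv6_acl)."""
    mode, acl4, acl6 = "default", None, None
    it = iter(rest)
    for tok in it:
        low = tok.lower()
        if low == "view":
            next(it, None)            # skip the view name
        elif low in ("ro", "rw"):
            mode = low
        elif low == "ipv6":
            acl6 = next(it, None)     # named IPv6 ACL
        else:
            acl4 = tok                # trailing ACL number or name
    return mode, acl4, acl6

def parse_group_acl(rest):
    """rest = tokens after the version/security level -> 'access' ACL or None."""
    it = iter(rest)
    for tok in it:
        if tok.lower() == "access":
            return next(it, None)
        next(it, None)                # skip value of context/read/write/notify
    return None

def audit_snmp(config_text):
    """Return (line_number, kind, issue); community strings are never echoed."""
    findings = []
    for n, line in enumerate(config_text.splitlines(), 1):
        t = line.split()
        if t[:2] == ["snmp-server", "community"] and len(t) >= 3:
            mode, acl4, acl6 = parse_community(t[3:])
            if acl4 is None and acl6 is None:
                findings.append((n, "community", f"{mode}: no ACL"))
        elif t[:2] == ["snmp-server", "group"] and len(t) >= 4:
            rest = t[5:] if t[3].lower() == "v3" else t[4:]
            if parse_group_acl(rest) is None:
                findings.append((n, "group", "no access ACL"))
    return findings
```

Findings are reported by line number rather than by name so that community strings, which act as credentials, do not end up in audit output.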
Cisco is actively working on software updates to address these flaws. Fixed versions for affected software releases are scheduled as follows:
IOS and IOS XE Software
IOS XR Software
As of now, Cisco’s Product Security Incident Response Team (PSIRT) has not observed any active exploitation of these vulnerabilities in the wild.
Organizations using Cisco devices with SNMP enabled should act promptly by implementing mitigations and preparing for software upgrades to secure their networks against potential DoS attacks stemming from these vulnerabilities.