Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Cisco SNMP mitigation guidance for CVE-2025-20352

Advisory/Mitigation
First reported
Last updated
Happening score
H score 50
1 unique sources, 1 articles

Summary

Hide ▲

Cisco issued mitigation guidance for CVE-2025-20352 on SNMP-enabled IOS and IOS XE systems, warning administrators to reduce exposure on devices that remain vulnerable. The guidance matters because the flaw is actively exploited and can enable DoS or even root code execution under specific conditions. Cisco's immediate advice is to restrict SNMP access, monitor affected systems, and disable the affected OIDs where supported.

Cases

Cisco IOS/IOS XE SNMP Zero-Day Exploitation and Operation Zero Disco (5)

Related Happenings

Linux kernel rxgk local DirtyDecrypt/DirtyCBC privilege-escalation flaw (CVE-2026-31635)

Vulnerability
First: 18.05.2026 10:18 Last: 18.05.2026 10:18 Sources 1

About this happening: A **proof-of-concept exploit** has been released for **DirtyDecrypt/DirtyCBC** (**CVE-2026-31635**), a **recently patched Linux kernel** flaw in **rxgk_decrypt_skb()** that can en...

Open Happening

Cisco Catalyst SD-WAN authentication bypass flaw actively exploited (CVE-2026-20182)

Vulnerability
First: 14.05.2026 23:09 Last: 14.05.2026 23:09 Sources 1

About this happening: **CVE-2026-20182** is an actively exploited **authentication bypass** in **Cisco Catalyst SD-WAN Controller** and **Cisco Catalyst SD-WAN Manager**, creating a path to **administr...

Latest development: 14.05.2026 23:25

Cisco released a patch for CVE-2026-20182, giving organizations using Cisco Catalyst SD-WAN Controllers a way to block the authentication bypass before UAT-8616 can continue using it for administrative access, SSH key insertion, NETCONF changes, and root escalation.

Open Happening

Cisco security patch release for CVE-2026-20188

Security Patch Release
First: 06.05.2026 21:06 Last: 06.05.2026 21:06 Sources 1

About this happening: **Cisco** released security updates for **CVE-2026-20188**, a high-severity **DoS vulnerability** in **Crosswork Network Controller (CNC)** and **Network Services Orchestrator (NS...

Open Happening

Cisco Catalyst SD-WAN Manager information disclosure vulnerability (CVE-2026-20133)

Vulnerability
First: 21.04.2026 15:30 Last: 21.04.2026 15:30 Sources 1

About this happening: CISA moved **CVE-2026-20133** in **Cisco Catalyst SD-WAN Manager** into its **KEV Catalog**, signaling **active exploitation** against **unpatched devices** and forcing **FCEB age...

Open Happening

Lantronix EDS3000PS/EDS5000PS and Silex SD330-AC serial-to-IP vulnerabilities multiple vulnerabilities security flaw (CVE-2025-70082)

Vulnerability
First: 21.04.2026 00:00 Last: 21.04.2026 00:00 Sources 1

About this happening: **Forescout** researchers disclosed **20 new vulnerabilities** in **Lantronix EDS3000PS/EDS5000PS** and **Silex SD330-AC** serial-to-IP converters, putting **industrial network**...

Open Happening

Timeline

  1. 25.09.2025 09:30 2 articles · 8mo ago

    Cisco mitigation guidance for actively exploited CVE-2025-20352

    Mitigation Patch Update

    Cisco issued mitigation guidance for CVE-2025-20352, an actively exploited SNMP flaw affecting IOS Software and IOS XE Software, and advised administrators to allow SNMP access only for trusted users, monitor affected systems with `show snmp host`, and disable the affected OIDs where supported. Cisco said there are no workarounds that fully resolve the issue, IOS XE Software Release 17.15.4a fixes it, and IOS XR Software and NX-OS Software are not impacted.

    Show sources
    Open in new tab