Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Cisco switch models reboot in DNS client bug loop

Service Disruption
First reported
Last updated
Happening score
H score 0
1 unique sources, 1 articles

Summary

Hide ▲

Cisco switch models began entering reboot loops after the internal DNS client service treated lookup failures as fatal errors. The disruption began around 2 AM and affects families including CBS250, CBS350, and Catalyst C1200, with repeat restarts severely disrupting network operations. Temporary mitigations include disabling DNS, disabling SNTP/time synchronization, or blocking outbound internet access from switch management interfaces.

Related Happenings

Cisco Unified Communications RCE zero-day (CVE-2026-20045)

Vulnerability
First: 22.01.2026 00:16 Last: 22.01.2026 00:16 Sources 1

About this happening: Cisco has **fixed CVE-2026-20045**, a **critical RCE zero-day** in **Cisco Unified Communications** and **Webex Calling** products that was **actively exploited** in attacks. The...

Open Happening

Cisco AsyncOS security update for CVE-2025-20393

Security Patch Release
First: 16.01.2026 07:38 Last: 16.01.2026 07:38 Sources 1

About this happening: Cisco released **security updates** for **CVE-2025-20393** in **Cisco AsyncOS Software** for **Cisco Secure Email Gateway** and **Cisco Secure Email and Web Manager**, closing a *...

Open Happening

Cisco security patch release for CVE-2026-20029

Security Patch Release
First: 08.01.2026 12:44 Last: 08.01.2026 12:44 Sources 1

About this happening: **Cisco** released a **security update bundle** for **ISE/ISE-PIC** and **Snort 3** bugs that creates **file-read**, **information-disclosure**, and **denial-of-service** risk acr...

Open Happening

Cisco ISE and ISE-PIC XML parsing arbitrary file read security flaw (CVE-2026-20029)

Vulnerability
First: 08.01.2026 11:13 Last: 08.01.2026 11:13 Sources 1

About this happening: Cisco has patched **CVE-2026-20029** in **ISE** and **ISE-PIC**, closing an **XML parsing** flaw that could let an attacker with **valid administrative credentials** read **arbitr...

Open Happening

D-Link DSL gateway routers command injection (CVE-2026-0625, actively exploited)

Vulnerability
First: 06.01.2026 21:52 Last: 06.01.2026 21:52 Sources 1

About this happening: **CVE-2026-0625** is an **unauthenticated command injection** flaw affecting **legacy D-Link DSL gateway routers**, creating **remote code execution** risk for exposed management...

Latest development: 08.01.2026 11:13

Cisco patched CVE-2026-20029 in Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) after public proof-of-concept exploit code appeared. The XML parsing flaw in the web-based management interface can let an attacker with valid administrative credentials upload a malicious file and read arbitrary files from the underlying operating system on unpatched devices, including sensitive data.

Open Happening

Timeline

  1. 08.01.2026 22:40 2 articles · 4mo ago

    Cisco switch models enter reboot loops after DNS client fatal errors

    Initial Disclosure

    Cisco switch models are entering repeated reboot loops after the internal DNS client service logs fatal errors when resolving www.cisco.com and NTP time servers, affecting CBS250, CBS350, Catalyst C1200, SG350, SG350X, and SG550X series and disrupting network operations. Temporary workarounds reported for affected Cisco switches include disabling DNS resolution, disabling SNTP or time synchronization, and blocking outbound internet access from management interfaces.

    Show sources
    Open in new tab