CVE-2025-20169

Published Feb 5, 2025

Last updated 18 days ago

CVSS high 7.7

Overview

Description
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.  This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.
Source
psirt@cisco.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Primary
Base score
7.7
Impact score
4
Exploitability score
3.1
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Severity
HIGH

Weaknesses

psirt@cisco.com
CWE-805

Social media

Hype score
Not currently trending

  1. CVE-2025-20169 (CVSS:7.7, HIGH) is Received. A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remo..https://t.co/hdnipUo5AR #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    10 Feb 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. کشف آسیب پذیری برای سرویس مانیتورینگ شبکه برای پروتکل SNMP یا همان سرویس مانیتورینگ شبکه ، آسیب پذیری از نوع DOS با کد شناسایی CVE-2025-20169 و نمره آسیب پذیری 7.7 منتشر شده است که به یک هکر از راه دور اجازه می دهد حمله DOS را بر روی سرویس آسیب پذیر اجرا نماید. چ

    @cybernetic_cy

    8 Feb 2025

    115 Impressions

    2 Retweets

    5 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. برای پروتکل SNMP یا آسیب پذیری از نوع DOS با کد شناسایی CVE-2025-20169 و نمره آسیب پذیری 7.7 منتشر شده است که به یک هکر از راه دور اجازه می دهد حمله DOS را بر روی سرویس آسیب پذیر اجرا نماید. نسخه های snmp v1 و v2c و v3 دارای این آسیب پذیری می باشند. https://t.co/Poz3aKY03t https:

    @AmirHossein_sec

    7 Feb 2025

    30 Impressions

    0 Retweets

    4 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2025-20169 A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an aff… https://t.co/yPXaxiQwQS

    @CVEnew

    5 Feb 2025

    181 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References