Cisco warns of IOS zero-day vulnerability exploited in attacks

Source: BleepingComputer

Author: Sergiu Gatlan

URL: https://www.bleepingcomputer.com/news/security/cisco-warns-of-ios-zero-day-vulnerability-exploited-in-attacks/

ONE SENTENCE SUMMARY:

Cisco issued security updates for a critical zero-day vulnerability in IOS and IOS XE Software, urging immediate upgrades to prevent exploitation.

MAIN POINTS:

  1. Affected products include Cisco IOS and IOS XE Software with SNMP enabled.
  2. The vulnerability, CVE-2025-20352, is caused by a stack-based buffer overflow in SNMP.
  3. Low-privileged remote attackers can exploit it for denial-of-service (DoS).
  4. High-privileged attackers can achieve root access and full system control.
  5. Exploitation involves sending a crafted SNMP packet over IPv4/IPv6 networks.
  6. No existing workarounds; upgrades to patched software are essential.
  7. Temporary mitigation includes limiting SNMP access to trusted users.
  8. Cisco also patched 13 other vulnerabilities, including cross-site scripting (XSS).
  9. Proof-of-concept exploits are available for some vulnerabilities.
  10. Previous vulnerabilities were fixed, enhancing Wireless LAN Controllers’ security.

TAKEAWAYS:

  1. Immediate upgrade to patched software is crucial to prevent exploitation.
  2. The vulnerability carries severe risks, including full system control and DoS conditions.
  3. Limiting SNMP access temporarily mitigates risk until the patch is applied.
  4. Awareness of other patched vulnerabilities can enhance overall security.
  5. Cisco remains proactive in addressing multiple security threats promptly.
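
One way to check the interim mitigation (limiting SNMP access to trusted users) before patching, as an added example that is not from the article or from Cisco: a small audit that reads a saved running-config and reports SNMP communities with no source restriction. It assumes `snmp-server community` lines that reference IPv4 standard ACLs; SNMPv3 groups and IPv6 ACLs are not evaluated, and the sample config, community names and addresses are constructed.

```python
import re

# Constructed sample running-config fragment (not taken from the article).
SAMPLE_CONFIG = """\
ip access-list standard SNMP-MGMT
 permit 192.0.2.10
 deny   any log
access-list 10 permit any
snmp-server community monitor-ro RO SNMP-MGMT
snmp-server community legacy RO
snmp-server community ops-rw view FULL RW 10
"""

# Keywords (and their arguments) that may sit between the community and its ACL.
OPTIONS = re.compile(r"(?<!\S)(?:view|ipv6)\s+\S+|(?<!\S)(?:ro|rw)(?!\S)", re.I)

def parse_acls(config):
    """Map each standard IPv4 ACL name/number to its list of entries."""
    acls, current = {}, None
    for line in config.splitlines():
        named = re.match(r"ip access-list standard (\S+)", line)
        numbered = re.match(r"access-list (\d+) (.+)", line)
        if named:
            current = named.group(1)
            acls[current] = []
        elif current and line.startswith(" "):
            acls[current].append(" ".join(line.split()))
        else:
            current = None
            if numbered:
                acls.setdefault(numbered.group(1), []).append(numbered.group(2))
    return acls

def audit_snmp(config):
    """Return (community, finding) for community lines lacking a restrictive ACL."""
    acls, findings = parse_acls(config), []
    for line in config.splitlines():
        m = re.match(r"snmp-server community (\S+)(.*)", line)
        if not m:
            continue
        rest = OPTIONS.sub(" ", m.group(2)).split()  # what remains is the ACL reference
        acl = rest[0] if rest else None
        if acl is None:
            findings.append((m.group(1), "no ACL"))
        elif acl not in acls:
            findings.append((m.group(1), f"ACL {acl} not defined"))
        elif any(re.search(r"\bpermit\s+any\b", e) for e in acls[acl]):
            findings.append((m.group(1), f"ACL {acl} permits any source"))
    return findings

if __name__ == "__main__":
    print(audit_snmp(SAMPLE_CONFIG))
```

Run it against exported configs from each device; any community it reports is reachable from sources beyond the management hosts and should be restricted or removed until the upgrade is in place.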