Cisco Warns of Zero‑Day Vulnerability Actively Exploited in iOS Software
Cisco Warns of Zero‑Day Vulnerability Actively Exploited in iOS Software Cisco has alerted users about a zero-day vulnerability (CVE‑2025‑20352) in its IOS and IOS XE software, which attackers are actively exploiting. What’s the issue? The flaw lies in the SNMP subsystem (Simple Network Management Protocol) and can be triggered via crafted SNMP packets. It’s a stack overflow bug. Severity score: 7.7 / 10 (High) If exploited: Low‑privilege attackers might trigger a Denial of Service (DoS). High‑privilege attackers (with administrative rights) could execute arbitrary code as root, fully compromising the device. Exploitation requires valid SNMP credentials (v1/v2c read-only or SNMPv3 + admin privileges). The vulnerability affects all devices running vulnerable IOS / IOS XE versions, including Meraki MS390 and Cisco Catalyst 9300 switches running Meraki CS 17. Mitigation & Patch Cisco has released a patch. Users are strongly urged to apply it immediately, as active exploitation is already occurring. There is no known full workaround. Cisco recommends using temporary mitigations: Restrict SNMP access (limit which IPs/networks can query). Use strong SNMPv3 credentials. Monitor logs for suspicious SNMP activity. Source: https://www.techradar.com/pro/security/cisco-warns-zero-day-vulnerability-exploited-in-attacks-on-ios-software ...