CVE-2025-20312

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software (affected versions not specified)

Description A flaw exists in the Simple Network Management Protocol (SNMP) subsystem that may allow a remote attacker with valid credentials to disrupt service. The issue stems from incorrect error handling during the processing of a specific SNMP request. An attacker could exploit this by sending a crafted SNMP request, potentially causing the device to reload unexpectedly, leading to a denial of service. This affects SNMP versions 1, 2c, and 3. Exploitation via SNMPv2c or earlier requires knowledge of a valid SNMP community string, while SNMPv3 exploitation requires valid user credentials.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.