PT-2025-39307 · Cisco · Cisco IOS XE +1

Published: 2025-09-24 · Updated: 2025-09-27 · CVE-2025-20352

CVSS v3.1: 7.7 (AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H)

**Name of the Vulnerable Software and Affected Versions**

Cisco IOS and Cisco IOS XE Software (affected versions not specified)

Meraki MS390

Catalyst 9300

**Description**

A vulnerability exists in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software. This flaw, actively exploited in the wild, allows attackers to cause a denial of service (DoS) condition or gain remote code execution (RCE) capabilities. Exploitation requires valid SNMP credentials, with the severity depending on the attacker's privilege level. Low-privileged attackers can trigger a DoS, while high-privileged attackers can achieve root-level access. The vulnerability is due to a stack overflow condition triggered by crafted SNMP packets sent over IPv4 or IPv6 networks. Reports indicate that exploitation has occurred following the compromise of administrative credentials. Approximately 192,000 to 2 million devices may be exposed.

**Recommendations**

Update to IOS XE version 17.15.4a or later.

Restrict SNMP access to trusted management hosts.

Disable SNMPv1 and SNMPv2c, and transition to SNMPv3 with authentication and privacy enabled.

Change default SNMP community strings if SNMPv1 or v2c cannot be disabled.

Monitor SNMP traffic for anomalies, including authentication failures and unusual request patterns.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
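As an added example, not part of this advisory or of Cisco's own tooling, the following Python script checks a running-config excerpt against the recommendations above (default community strings, SNMPv1/v2c communities without an access-list or with read-write access, absence of an SNMPv3 group with authentication and privacy) and counts `%SNMP-3-AUTHFAIL` syslog messages per source host to surface the authentication-failure bursts the monitoring recommendation refers to. The configuration lines and syslog lines are constructed samples; the `snmp-server community` and `snmp-server group` patterns follow IOS syntax, and the alert threshold and host addresses are assumptions.

```python
import re
from collections import Counter

# Constructed sample IOS running-config excerpt for the audit; not from a real device.
SAMPLE_CONFIG = """\
snmp-server community public RO
snmp-server community private RW 10
snmp-server group NETMON-GRP v3 priv access 10
snmp-server user netmon NETMON-GRP v3 auth sha AUTHPASS priv aes 128 PRIVPASS access 10
snmp-server enable traps snmp authentication
access-list 10 permit 192.0.2.10
access-list 10 deny any log
"""

# Constructed sample syslog lines. %SNMP-3-AUTHFAIL is what IOS logs when a
# request fails SNMP authentication (wrong community string or USM credentials).
SAMPLE_SYSLOG = """\
Sep 25 10:01:02 sw1 123: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 198.51.100.7
Sep 25 10:01:03 sw1 124: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 198.51.100.7
Sep 25 10:01:05 sw1 125: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 198.51.100.7
Sep 25 10:01:09 sw1 126: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (192.0.2.10)
Sep 25 10:02:41 sw1 127: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 192.0.2.10
"""

DEFAULT_COMMUNITIES = {"public", "private"}

# snmp-server community <string> [view <name>] RO|RW [ipv6 <nacl>] [<acl>]
COMMUNITY_RE = re.compile(
    r"^snmp-server community (\S+)(?:\s+view\s+\S+)?\s+(RO|RW)(?:\s+ipv6\s+\S+)?(?:\s+(\S+))?\s*$",
    re.IGNORECASE,
)
# snmp-server group <name> v3 noauth|auth|priv ...
V3_GROUP_RE = re.compile(r"^snmp-server group (\S+) v3 (noauth|auth|priv)\b", re.IGNORECASE)
AUTHFAIL_RE = re.compile(r"%SNMP-3-AUTHFAIL: .* from host (\S+)")


def audit_snmp_config(config_text):
    """Return a list of findings against the advisory's SNMP hardening recommendations."""
    findings = []
    v3_priv_group = False
    for line in config_text.splitlines():
        line = line.strip()
        m = COMMUNITY_RE.match(line)
        if m:
            name, mode, acl = m.group(1), m.group(2).upper(), m.group(3)
            # Every v1/v2c community is an exposure for this bug; record why each one matters.
            if name.lower() in DEFAULT_COMMUNITIES:
                findings.append(f"community '{name}' ({mode}) uses a default string")
            if acl is None:
                findings.append(f"community '{name}' ({mode}) has no access-list restricting source hosts")
            if mode == "RW":
                findings.append(f"community '{name}' is read-write over SNMPv1/v2c")
            continue
        m = V3_GROUP_RE.match(line)
        if m and m.group(2).lower() == "priv":
            v3_priv_group = True
    if not v3_priv_group:
        findings.append("no SNMPv3 group with 'priv' (authentication and privacy) configured")
    return findings


def snmp_auth_failures(syslog_text, threshold=3):
    """Count SNMP authentication failures per source host; return hosts at or above threshold.

    The threshold of 3 is an assumed value; tune it to the device's normal polling pattern.
    """
    counts = Counter()
    for line in syslog_text.splitlines():
        m = AUTHFAIL_RE.search(line)
        if m:
            counts[m.group(1)] += 1
    return {host: n for host, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    for finding in audit_snmp_config(SAMPLE_CONFIG):
        print("FINDING:", finding)
    for host, n in snmp_auth_failures(SAMPLE_SYSLOG).items():
        print(f"ALERT: {n} SNMP authentication failures from {host}")
```

Run against the sample config, the audit reports the default `public` string with no access-list and the read-write `private` community; the sample syslog yields one alert for the host with three consecutive failures, while the single failure from the management host stays below the assumed threshold. To use it on a real device, paste the output of `show running-config | include snmp-server` into `SAMPLE_CONFIG` and feed exported syslog into `snmp_auth_failures`.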

Tags: RCE · DoS · Stack Overflow

Weakness Enumeration: none listed

Related Identifiers: CVE-2025-20352

Affected Products: Cisco IOS, Cisco IOS XE