CVE-2025-20173

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software and Cisco IOS XE Software (affected versions not specified)

Description: A vulnerability in the SNMP subsystem could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This is due to improper error handling when parsing SNMP requests. An attacker could exploit this by sending a crafted SNMP request. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This affects SNMP versions 1, 2c, and 3. To exploit through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string. To exploit through SNMP v3, the attacker must have valid SNMP user credentials.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.