CVE-2026-20048

Name of the Vulnerable Software and Affected Versions Cisco Nexus 9000 Series Fabric Switches versions (affected versions not specified)

Description A flaw exists in the Simple Network Management Protocol (SNMP) subsystem of Cisco Nexus 9000 Series Fabric Switches operating in ACI mode. This issue could allow a remote attacker with valid credentials to trigger a denial of service (DoS) condition. The root cause is improper handling of SNMP requests during parsing. An attacker can exploit this by repeatedly sending SNMP queries to a specific Management Information Base (MIB) on the device. A successful exploit may lead to a kernel panic, causing the device to reload and become unavailable. This affects SNMP versions 1, 2c, and 3. Exploitation via SNMPv1 or SNMPv2c requires a valid read-only SNMP community string, while SNMPv3 exploitation requires valid SNMP user credentials.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.