CVE-2026-20185

Name of the Vulnerable Software and Affected Versions Cisco 350 Series Managed Switches (SG350) (affected versions not specified) Cisco 350X Series Stackable Managed Switches (SG350X) (affected versions not specified)

Description A flaw in the Simple Network Management Protocol (SNMP) subsystem occurs due to improper error handling when parsing response data for a specific SNMP request. An authenticated remote attacker can exploit this by sending a crafted SNMP request, causing the device to reload unexpectedly and resulting in a denial of service (DoS) condition. This issue affects SNMP versions 1, 2c, and 3. Exploitation via SNMPv2c or earlier requires a valid read-write or read-only SNMP community string, while exploitation via SNMPv3 requires valid SNMP user credentials.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.