SB2025020625 - Multiple DoS vulnerabilities in Cisco IOS and IOS XE SNMP subsystem

Main Vulnerability Database SB2025020625

SB2025020625 - Multiple DoS vulnerabilities in Cisco IOS and IOS XE SNMP subsystem

Published: February 6, 2025

Security Bulletin ID SB2025020625

Severity

Medium

Patch available

NO

Number of vulnerabilities 8

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 8 secuirty vulnerabilities.

1) Improper error handling (CVE-ID: CVE-2025-20169)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling in the SNMP subsystem. A remote authenticated user can send specially crafted SNMP versions 1, 2c, or 3 requests to the affected system and perform a denial of service (DoS) attack.

2) Improper error handling (CVE-ID: CVE-2025-20170)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling in the SNMP subsystem. A remote authenticated user can send specially crafted SNMP versions 1, 2c, or 3 requests to the affected system and perform a denial of service (DoS) attack.

3) Improper error handling (CVE-ID: CVE-2025-20171)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling in the SNMP subsystem. A remote authenticated user can send specially crafted SNMP versions 1, 2c, or 3 requests to the affected system and perform a denial of service (DoS) attack.

4) Improper error handling (CVE-ID: CVE-2025-20172)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling in the SNMP subsystem. A remote authenticated user can send specially crafted SNMP versions 1, 2c, or 3 requests to the affected system and perform a denial of service (DoS) attack.

5) Improper error handling (CVE-ID: CVE-2025-20173)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling in the SNMP subsystem. A remote authenticated user can send specially crafted SNMP versions 1, 2c, or 3 requests to the affected system and perform a denial of service (DoS) attack.

6) Improper error handling (CVE-ID: CVE-2025-20174)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling in the SNMP subsystem. A remote authenticated user can send specially crafted SNMP versions 1, 2c, or 3 requests to the affected system and perform a denial of service (DoS) attack.

7) Improper error handling (CVE-ID: CVE-2025-20175)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling in the SNMP subsystem. A remote authenticated user can send specially crafted SNMP versions 1, 2c, or 3 requests to the affected system and perform a denial of service (DoS) attack.

8) Improper error handling (CVE-ID: CVE-2025-20176)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling in the SNMP subsystem. A remote authenticated user can send specially crafted SNMP versions 1, 2c, or 3 requests to the affected system and perform a denial of service (DoS) attack.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-sdxnSUcW