Cisco IOS XE Software SNMP DoS (cisco-sa-snmp-dos-sdxnSUcW)

high Nessus Plugin ID 215125

Synopsis

The remote device is missing a vendor-supplied security patch

Description

According to its self-reported version, Cisco IOS-XE Software is affected by multiple vulnerabilities.

- A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.
(CVE-2025-20169, CVE-2025-20170, CVE-2025-20171, CVE-2025-20173, CVE-2025-20174, CVE-2025-20175, CVE-2025-20176)

- A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device.
This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. For Cisco IOS and IOS XE Software, a successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. For Cisco IOS XR Software, a successful exploit could allow the attacker to cause the SNMP process to restart, resulting in an interrupted SNMP response from an affected device.
Devices that are running Cisco IOS XR Software will not reload. This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.
(CVE-2025-20172)

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCwm79554, CSCwm79564, CSCwm79570, CSCwm79577, CSCwm79581, CSCwm79590, CSCwm79596, CSCwm89600, CSCwn08493

Plugin Details

Severity: High

ID: 215125

File Name: cisco-sa-snmp-dos-sdxnSUcW-iosxe.nasl

Version: 1.1

Type: combined

Family: CISCO

Published: 2/7/2025

Updated: 2/7/2025

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2025-20169

CVSS v3

Risk Factor: High

Base Score: 7.7

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:ios_xe

Required KB Items: Host/Cisco/IOS-XE/Version, Settings/ParanoidReport

Exploit Ease: No known exploits are available

Patch Publication Date: 2/5/2025

Vulnerability Publication Date: 2/5/2025

Reference Information

CVE: CVE-2025-20169, CVE-2025-20170, CVE-2025-20171, CVE-2025-20172, CVE-2025-20173, CVE-2025-20174, CVE-2025-20175, CVE-2025-20176

CWE: 805

CISCO-SA: cisco-sa-snmp-dos-sdxnSUcW

IAVA: 2025-A-0084

CISCO-BUG-ID: CSCwm79554, CSCwm79564, CSCwm79570, CSCwm79577, CSCwm79581, CSCwm79590, CSCwm79596, CSCwm89600, CSCwn08493

Detections

Analytics