CVE-2025-20176

{"id": "CVE-2025-20176", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 3.1}]}, "published": "2025-02-05T17:15:24.997", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-sdxnSUcW", "source": "psirt@cisco.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-248"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. \r\nThis vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system."}, {"lang": "es", "value": "Una vulnerabilidad en el subsistema SNMP de Cisco IOS Software y Cisco IOS XE Software podr\u00eda permitir que un atacante remoto autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a una gesti\u00f3n inadecuada de errores al analizar las solicitudes SNMP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud SNMP manipulada a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el dispositivo se recargue inesperadamente, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad afecta a las versiones 1, 2c y 3 de SNMP. Para aprovechar esta vulnerabilidad a trav\u00e9s de SNMP v2c o anterior, el atacante debe conocer una cadena de comunidad SNMP v\u00e1lida de lectura y escritura o de solo lectura para el sistema afectado. Para aprovechar esta vulnerabilidad a trav\u00e9s de SNMP v3, el atacante debe tener credenciales de usuario SNMP v\u00e1lidas para el sistema afectado."}], "lastModified": "2025-03-20T19:15:37.083", "sourceIdentifier": "psirt@cisco.com"}