2025-035: High Vulnerability in Cisco IOS and IOS XE Software
ID: faee8965-d17a-500b-9dbc-e2b5838d708d
STIX ID: report--faee8965-d17a-500b-9dbc-e2b5838d708d
Feed Name: CERT-EU Security Advisories
Cisco released an advisory for CVE-2025-20352 (CVSS 7.7), a stack overflow in the SNMP subsystem of Cisco IOS and IOS XE that is being exploited in the wild. Exploitation can cause a denial of service (DoS) or, with higher privileges, remote code execution as root on affected IOS XE devices. Affected devices include various Cisco platforms (including Meraki MS390 and Catalyst 9300 with certain firmware). Cisco recommends immediate patching (fixed in IOS XE 17.15.4a for some trains), conducting compromise assessments, and blocking SNMP access from untrusted networks.
