#cisco-ios

[ follow ]
#cve-2025-20352 #linux-rootkits #snmp-exploit #zero-day #snmp #remote-code-execution #snmp-vulnerability
Information security
fromThe Hacker News
3 hours ago

Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in "Zero Disco' Attacks

Attackers exploited CVE-2025-20352 in Cisco IOS to deploy Linux rootkits and gain persistent remote access on older, unprotected devices.
Information security
fromArs Technica
3 weeks ago

As many as 2 million Cisco devices affected by actively exploited 0-day

Up to two million Cisco IOS and IOS XE devices are vulnerable to CVE-2025-20352, an SNMP stack overflow allowing remote DoS or root-level code execution.
fromTheregister
3 weeks ago

Zero-day deja vu: Another Cisco IOS bug is under attack

Attackers with low-privilege SNMP creds can crash a device, while those with higher-privilege access can run arbitrary code as root - a straight shot to total box compromise. "The Cisco Product Security Incident Response Team (PSIRT) became aware of successful exploitation of this vulnerability in the wild after local Administrator credentials were compromised," the company said. "Cisco strongly recommends that customers upgrade to a fixed software release to remediate this vulnerability."
Information security
[ Load more ]