Critical Vulnerability Affects Millions of Cisco Devices
As many as 2 million Cisco devices are vulnerable to a zero-day exploit that can remotely crash or execute code on affected systems, according to an advisory issued by the company. The vulnerability, tracked as CVE-2025-20352, was present in all supported versions of Cisco IOS and Cisco IOS XE, the operating system powering a wide range of networking devices.
Cisco's Product Security Incident Response Team (PSIRT) became aware of successful exploitation after local Administrator credentials were compromised, according to the advisory. The company strongly recommends that customers upgrade to a fixed software release to remediate this vulnerability, which carries a severity rating of 7.7 out of a possible 10.
"We take these types of vulnerabilities very seriously and are working closely with our customers to ensure they have the necessary information to protect their networks," said Cisco spokesperson Michelle Spolver. "We urge all affected customers to upgrade to the latest software release as soon as possible."
The vulnerability is the result of a stack overflow bug in the IOS component that handles Simple Network Management Protocol (SNMP) requests. SNMP is a widely used protocol for managing network devices, and exposing it to the internet can create a significant security risk.
"This vulnerability highlights the importance of proper configuration and management of network devices," said Mark Stanislav, chief technology officer at security firm Duo Labs. "It's not just about patching vulnerabilities, but also about ensuring that our systems are properly configured to prevent exploitation in the first place."
The affected devices include routers, switches, and other networking equipment used by a wide range of industries, including finance, healthcare, and government.
Cisco has released software patches for all supported versions of IOS and IOS XE, which can be downloaded from its website. Customers are advised to upgrade to the latest software release as soon as possible to remediate this vulnerability.
As the use of IoT devices continues to grow, so does the risk of cyber attacks. This vulnerability serves as a reminder of the importance of proper security measures and regular updates to prevent exploitation.
Background:
Cisco's IOS and IOS XE operating systems are widely used in networking devices around the world.
*Reporting by Ars Technica.*