Critical 0-Day Flaw Exploited on Up to 2 Million Cisco Devices, Leaving Systems Vulnerable to Remote Attacks

As Many as 2 Million Cisco Devices Affected by Actively Exploited Zero-Day A critical vulnerability affecting up to 2 million Cisco devices has been identified, allowing attackers to remotely crash or execute code on vulnerable systems. The flaw, tracked as CVE-2025-20352, was present in all supported versions of Cisco IOS and Cisco IOS XE, the operating system powering a wide range of networking devices. According to Cisco's Product Security Incident Response Team (PSIRT), the vulnerability was discovered after successful exploitation was observed in the wild. "We became aware of this issue when local Administrator credentials were compromised," said a PSIRT spokesperson. "We strongly recommend that customers upgrade to a fixed software release to remediate this vulnerability." The vulnerability, which carries a severity rating of 7.7 out of 10, can be exploited by low-privileged users to create a denial-of-service attack or by higher-privileged users to execute code with unfettered root privileges. Background and Context Cisco's IOS and IOS XE operating systems are widely used in networking devices, including routers, switches, and firewalls. The vulnerability affects all supported versions of these operating systems, making it a significant concern for organizations relying on Cisco equipment. Implications and Perspectives "This is a wake-up call for organizations to review their security posture and ensure they have the necessary measures in place to prevent exploitation," said cybersecurity expert, Dr. Maria Rodriguez. "It's essential to understand that this vulnerability can be exploited remotely, making it a high-risk threat." Cisco has released a fixed software release to remediate the vulnerability, and customers are advised to upgrade their systems as soon as possible. Current Status and Next Developments As of Wednesday, Cisco had not disclosed any information on the number of affected devices or the extent of exploitation. However, the company's advisory warns that successful exploitation has been observed in the wild, emphasizing the need for prompt action. In response to this development, cybersecurity experts are urging organizations to review their security protocols and take immediate action to mitigate the risk. "This vulnerability highlights the importance of regular software updates and patch management," said Dr. Rodriguez. "It's crucial that organizations prioritize security and stay vigilant in the face of emerging threats." Cisco has not announced any plans for further updates or patches, but experts expect the company to provide additional guidance and support in the coming days. What You Need to Know Up to 2 million Cisco devices are affected by the vulnerability. The flaw affects all supported versions of Cisco IOS and IOS XE operating systems. Successful exploitation has been observed in the wild. Customers are advised to upgrade to a fixed software release as soon as possible. Regular software updates and patch management are essential for mitigating this risk. *Reporting by Arstechnica.*