Cisco discloses actively exploited zero-day affecting up to 2 million IOS and IOS XE devices
By
duxup
Crusty in the right places. Worth the chew.
Summary
Cisco disclosed an actively exploited zero-day vulnerability (CVE-2025-20352) affecting all supported versions of Cisco IOS and IOS XE, potentially impacting up to 2 million devices. The flaw allows low-privileged users to launch denial-of-service attacks and higher-privileged users to execute arbitrary code. Research indicates 2 million vulnerable Cisco SNMP interfaces are exposed to the internet, making this a significant security concern for enterprise networks.
Key quotes
· 3 pulledAs many as 2 million Cisco devices are susceptible to an actively exploited zero-day that can remotely crash or execute code on vulnerable systems.
Cisco said Wednesday that the vulnerability, tracked as CVE-2025-20352, was present in all supported versions of Cisco IOS and Cisco IOS XE
The vulnerability can be exploited by low-privileged users to create a denial-of-service attack or by higher-privileged users to execute code that runs with unfettered r
You might also wanna read
CVE-2026-0257: PAN-OS GlobalProtect Authentication Bypass Under Active Exploitation
CVE-2026-0257 is a medium-severity (CVSS 7.8) authentication bypass vulnerability affecting Palo Alto Networks PAN-OS and Prisma Access Glob
briefly.co·2d ago
CIFSwitch Linux Vulnerability Allows Unprivileged Users to Gain Root Access via CIFS Flaw
A new Linux local-root privilege escalation vulnerability named CIFSwitch has been disclosed by researcher Asim Manizada. The flaw combines
almalinux.org·2d ago
CISA Adds Palo Alto Networks PAN-OS Authentication Bypass Vulnerability to Known Exploited Vulnerabilities Catalog
CISA has added a new vulnerability (CVE-2026-0257) to its Known Exploited Vulnerabilities (KEV) Catalog, affecting Palo Alto Networks PAN-OS
cisa.gov·7h ago