How severe is CVE-2025-20173?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.7 out of 10.

What type of vulnerability is CVE-2025-20173?

This is classified as CWE-248, which is a common weakness in software security.

CVE-2025-20173 - HIGH Severity | CVSS 7.7

Vulnerability Description

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.  This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.

Related Vulnerabilities

CVE-2025-20171

HIGH

CVSS:7.7(High)

CWE-2482025

CVE-2025-20172

HIGH

CVSS:7.7(High)

A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a DoS condition on an affected devi...

CWE-2482025

CVE-2025-20176

HIGH

CVSS:7.7(High)

CWE-2482025

CVE-2018-11465

HIGH

CVSS:7.8(High)

A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions <...

CWE-2482018

CVE-2023-22292

HIGH

CVSS:7.8(High)

Uncaught exception for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access.

CWE-2482023

CVE-2016-10363

HIGH

CVSS:7.5(High)

Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logs...

CWE-2482016