Cybersecurity authorities warn of a high-severity SNMP vulnerability in Cisco IOS/IOS-XE (CVE-2025-20352) that has been observed in active exploitation; they recommend applying patches and restricting SNMP according to best practices.

In November 2025, a national cybersecurity authority issued a high-level alert regarding the CVE-2025-20352 vulnerability in the SNMP component of Cisco IOS/IOS-XE, reporting active exploitation and the risk of remote execution or denial of service when SNMP is enabled without controls. The alert explains that the risk affects systems with SNMP enabled and recommends applying official Cisco patches, restricting SNMP access using Access Control Lists (ACLs), and reviewing credentials and administrative configurations.

This type of failure highlights the need for patching policies and segmented management in enterprise infrastructures. For SITE PERÚ, this presents an opportunity to offer exposure auditing services, configuration hardening, and contingency plans that include backups and rollbacks. Furthermore, log monitoring should be prioritized, and maintenance windows should be established in coordination with the client to implement fixes without impacting critical operations.

National Cyber Security Authority. (2025, 11 de noviembre). Alert: High-Severity SNMP Vulnerability in Cisco IOS and IOS XE (CVE-2025-20352). NCSA Updates.