SDxCentral

Cisco sees another security threat with switches kit exploit

Attackers are taking advantage of a vulnerability in Cisco’s Simple Network Management Protocol (SNMP), which allows malicious rootkits to be installed on network hardware. According to findings from ...
CSOonline

‘Zero Disco’ campaign hits legacy Cisco switches with fileless rootkit payloads

In newly disclosed real-world attacks, threat actors are found exploiting a Cisco Simple Network Management Protocol (SNMP) vulnerability to gain remote code execution (RCE) and install Linux rootkits ...
Bleeping Computer

Hackers exploit Cisco SNMP flaw to deploy rootkit on switches

Threat actors exploited a recently patched remote code execution vulnerability (CVE-2025-20352) in Cisco networking devices to deploy a rootkit and target unprotected Linux systems. The security issue ...
aha.org

H-ISAC TLP White Threat Bulletin: Operation ZeroDisco Campaign Exploits Cisco SNMP Flaw (CVE-2025-20352)

On October 15, 2025, Trend Micro disclosed an active attack campaign, dubbed Operation ZeroDisco, exploiting two vulnerabilities in older, unpatched Cisco devices. The primary flaw being exploited in ...
The Hacker News

Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in 'Zero Disco' Attacks

Cybersecurity researchers have disclosed details of a new campaign that exploited a recently disclosed security flaw impacting Cisco IOS Software and IOS XE Software to deploy Linux rootkits on older, ...
SecurityWeek

Cisco Routers Hacked for Rootkit Deployment

Threat actors are exploiting CVE-2025-20352, a recent Cisco zero-day, to deploy a rootkit on older networking devices. Older Cisco devices unpatched against a recent zero-day vulnerability have been ...
SDxCentral

Cisco urges immediate patching as network devices vulnerable to remote takeover

Network administrators have been urged to immediately patch a critical vulnerability in Cisco's IOS and IOS XE software that could allow attackers to compromise network devices or crash them entirely.
Ars Technica

As many as 2 million Cisco devices affected by actively exploited 0-day

As many as 2 million Cisco devices are susceptible to an actively exploited zero-day that can remotely crash or execute code on vulnerable systems. Cisco said Wednesday that the vulnerability, tracked ...
Network World

Cisco admins urged to patch IOS, IOS XE devices

Network admins should quickly patch a vulnerability in Cisco Systems IOS and IOS XE software to remove a stack overflow condition in the software’s Simple Network Management Protocol (SNMP) subsystem ...
The Hacker News

Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software

Cisco has warned of a high-severity security flaw in IOS Software and IOS XE Software that could allow a remote attacker to execute arbitrary code or trigger a denial-of-service (DoS) condition under ...
SecurityWeek

Cisco Patches Zero-Day Flaw Affecting Routers and Switches

Cisco on Wednesday announced patches for 14 vulnerabilities in IOS and IOS XE, including a bug that has been exploited in the wild. The exploited flaw, tracked as CVE-2025-20352 (CVSS score of 7.7), ...