🚨 SEVERITY: HIGH — CVSS 7.7 Security Advisory

TL;DR 📌

A vulnerability in the SNMP subsystem of Cisco IOS and IOS XE Software could allow authenticated attackers to cause a denial of service (DoS) or execute arbitrary code. This affects devices with SNMP enabled. Immediate action is required to patch or mitigate this vulnerability.

What happened 🕵️‍♂️

A vulnerability has been identified in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software. It is caused by a stack overflow condition in the SNMP subsystem and allows an authenticated remote attacker to cause a denial of service (DoS) condition or execute code as the root user on affected devices. Exploitation requires valid SNMP credentials: either an SNMPv2c read-only community string or SNMPv3 user credentials.
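Because exposure depends on SNMP being enabled and on which credentials exist, a saved running-config can be audited offline. The following is an added example, not part of the advisory or Cisco's tooling: it assumes classic `snmp-server community` and `snmp-server group` syntax, and the function names and sample config are constructed for illustration.

```python
import re

# Constructed excerpt of an IOS running-config; every name and string is made up.
SAMPLE_CONFIG = """\
hostname lab-rtr-01
!
snmp-server community EXAMPLE-RO-1 RO
snmp-server community EXAMPLE-RO-2 view MGMT-VIEW RO 10
snmp-server community EXAMPLE-RW RW SNMP-MGMT
snmp-server group NETOPS v3 priv
snmp-server location lab
"""

COMMUNITY = re.compile(r"^snmp-server community (\S+)(.*)$")
V3_GROUP = re.compile(r"^snmp-server group (\S+) v3 (auth|noauth|priv)\b")


def parse_community(rest):
    """Split the options after a community string into access mode and ACLs."""
    access, acls = "RO", []                 # IOS defaults to read-only access
    tokens = iter(rest.split())
    for tok in tokens:
        if tok.lower() == "view":
            next(tokens, None)              # skip the view name
        elif tok.upper() in ("RO", "RW"):
            access = tok.upper()
        elif tok.lower() == "ipv6":
            acls.append("ipv6:" + next(tokens, "?"))
        else:
            acls.append(tok)                # remaining token is the IPv4 ACL
    return access, acls


def audit_snmp(config_text):
    """Summarise SNMP credential exposure without echoing community strings."""
    report = {"snmp_enabled": False, "communities": [], "v3_groups": []}
    for lineno, line in enumerate(config_text.splitlines(), start=1):
        line = line.strip()
        if line.startswith("snmp-server "):
            report["snmp_enabled"] = True
        m = COMMUNITY.match(line)
        if m:
            access, acls = parse_community(m.group(2))
            report["communities"].append(
                {"line": lineno, "access": access, "acls": acls, "unrestricted": not acls})
        m = V3_GROUP.match(line)            # v3 groups indicate SNMPv3 is in use
        if m:
            report["v3_groups"].append({"group": m.group(1), "level": m.group(2)})
    return report
```

Entries with `unrestricted` set to true are community strings accepted from any source address; an ACL narrows who can present the credential but does not remove the exposure for permitted hosts.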