Cisco 350 and 350X Series Switches SNMP Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the SNMP subsystem of Cisco 350 Series Managed Switches (SG350) and Cisco 350X Series Stackable Managed Switches (SG350X) running firmware versions 2.5.9.54 or 2.5.9.55. This vulnerability allows an authenticated, remote attacker to cause the device to reload unexpectedly, creating a DoS condition. The issue arises from improper error handling when parsing response data for specific SNMP requests. The vulnerability affects SNMP versions 1, 2c, and 3. Exploitation through SNMPv2c or earlier requires knowledge of a valid read-write or read-only SNMP community string, while exploitation through SNMPv3 necessitates valid SNMP user credentials.

Impact

Exploitation of this vulnerability leads to an unexpected device reload, causing a denial-of-service condition.

Remediation

Cisco has not released and will not release software updates to address this vulnerability, as the affected products are past their End of Software Maintenance Releases. Customers are advised to consult the End-of-Life notices for these products and consider migration options. For devices still under support, contact the Cisco Technical Assistance Center (TAC) for upgrade options.

Added: May 6, 2026, 6:47 PM
Updated: May 6, 2026, 6:47 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 5.2
remediation: 0.0
relevance: 7.6
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.