CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Cisco SG350 and SG350X Series Managed Switches SNMP Denial of Service Vulnerability

highCVE-2026-20185
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco 350 Series Managed Switches (SG350) and Cisco 350X Series Stackable Managed Switches (SG350X) firmware could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when parsing response data for a specific SNMP request. An attacker could exploit this vulnerability by sending a specific SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMPv2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMPv3, the attacker must have valid SNMP user credentials for the affected system. Cisco has not released and will not release software updates that address this vulnerability because the affected products are past the date for End of Software Maintenance Releases. The Cisco Product Security Incident Response Team (PSIRT) will continue to evaluate and disclose security vulnerabilities that affect these products until the Last Date of Support is reached. There are no workarounds that address this vulnerability. However, there is a mitigation. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg350-snmp-dos-GEFZr2Tj Security Impact Rating: High CVE: CVE-2026-20185

CSIRTS triage

What
A vulnerability in the SNMP subsystem could allow an authenticated attacker to cause a denial of service condition.
Who is affected
Authenticated users of Cisco SG350 and SG350X Series Managed Switches are affected.
Urgency
Remediation is urgent due to the potential for device reloading and service disruption.
Action
Apply the latest firmware updates for the affected switches.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch Cisco SG350 and SG350X Series Managed Switches

Get an email when a new Cisco SG350 and SG350X Series Managed Switches advisory drops — max one per day, one-click unsubscribe.

Details

Source
Cisco Security Advisories (INTL · vendor-psirt · site)
Severity
high
Published
2026-05-06
Exploitation
Not in CISA KEV at last sync

Original advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg350-snmp-dos-GEFZr2Tj?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20SG350%20and%20SG350X%20Series%20Managed%20Switches%20SNMP%20Denial%20of%20Service%20Vulnerability%26vs_k=1

Exploitation outlook

EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2026-20185coverage & exploitation statusNVD · CVE.org

More from Cisco Security Advisories