CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-20185

highcovered by 1 sourcefirst seen 2026-05-06
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco 350 Series Managed Switches (SG350) and Cisco 350X Series Stackable Managed Switches (SG350X) firmware could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when parsing response data for a specific SNMP request. An attacker could exploit this vulnerability by sending a specific SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMPv2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMPv3, the attacker must have valid SNMP user credentials for the affected system. Cisco has not released and will not release software updates that address this vulnerability because the affected products are past the date for End of Software Maintenance Releases. The Cisco Product Security Incident Response Team (PSIRT) will continue to evaluate and disclose security vulnerabilities that affect these products until the Last Date of Support is reached. There are no workarounds that address this vulnerability. However, there is a mitigation. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg350-snmp-dos-GEFZr2Tj Security Impact Rating: High CVE: CVE-2026-20185

CSIRTS triage

What
A vulnerability in the SNMP subsystem could allow an authenticated attacker to cause a denial of service condition.
Who is affected
Authenticated users of Cisco SG350 and SG350X Series Managed Switches are affected.
Urgency
Remediation is urgent due to the potential for device reloading and service disruption.
Action
Apply the latest firmware updates for the affected switches.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-20185

Get an email if CVE-2026-20185 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-20185

CVE.org record

Embed the live status

CVE-2026-20185 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-20185 status](https://www.csirts.com/badge/CVE-2026-20185)](https://www.csirts.com/cve/CVE-2026-20185)