High7.7Cisco Updated
Cisco SG350 and SG350X Series Managed Switches SNMP Denial of Service Vulnerability
cisco-sa-sg350-snmp-dos-GEFZr2Tj Published May 6, 2026Updated by vendor May 6, 2026
CVE-2026-20185
Affected products & platforms
CiscoSwitches
Summary
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco 350 Series Managed Switches (SG350) and Cisco 350X Series Stackable Managed Switches (SG350X) firmware could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
Affected versions
- Scope: This vulnerability affects the following Cisco products if they are running Cisco SG350 and SG350X Series Managed Switch Firmware Release 2.5.9.54 or 2.5.9.55 and have two or more 60-watt Power over Ethernet (PoE) ports enabled:
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Mitigation checklist
Temporary workarounds
- There are no workarounds that address this vulnerability. However, as a mitigation, administrators may disable the vulnerable object ID (OID) on a device.
- To disable and exclude the OID, complete the following steps:
- 1. Create a new SNMP view excluding the affected OID. Use the following commands:
- snmp-server view SNMP_DOS iso included
- snmp-server view SNMP_DOS rlPethPsePortTable excluded
- 2. Apply the view to the SNMP community or SNMP v3 group:
- For SNMP v1 or v2c, apply this configuration to all configured community strings. Use the following command:
- snmp-server community mycomm view SNMP_DOS RO
- For SNMPv3, apply this to all configured SNMP users. Use the following command:
- snmp-server group v3group v3 auth read SNMP_DOS write SNMP_DOS
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.