Search
On this page ▾
CVE-2017-6742 — Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability

CVE-2017-6742

Cisco IOS and IOS XE — SNMP Subsystem Buffer Overflow (Variant 6) Enables Authenticated RCE or Device Reload; Part of cisco-sa-20170629-snmp; HIGH 8.8
⚠️ CVSS 3.1  8.8 / 10 — HIGH 🔴 CISA Known Exploited Vulnerability

What Is Cisco IOS SNMP?

CVE-2017-6742 is one of multiple distinct buffer overflow vulnerabilities in the Cisco IOS and IOS XE SNMP subsystem disclosed in June 2017 advisory cisco-sa-20170629-snmp. Unlike most of the other CVEs from this advisory (which were added to KEV in March 2022), CVE-2017-6742 was added separately to the KEV catalog in April 2023 — reflecting continued confirmed exploitation of this specific SNMP OID vulnerability more than a year after the other advisory CVEs were catalogued.

Overview

Actively Exploited. This vulnerability has been added to CISA's Known Exploited Vulnerabilities (KEV) Catalog on April 19, 2023. Federal agencies are required to apply mitigations per BOD 22-01.

CVE-2017-6742 is a buffer overflow in a specific SNMP OID handler in Cisco IOS and IOS XE that can allow code execution or device reload. An attacker with valid SNMP credentials sends a crafted SNMP packet referencing the vulnerable OID. Its separate April 2023 KEV addition (deadline May 10, 2023) — one year after the other advisory CVEs — indicates this specific OID was actively targeted in 2023 exploitation campaigns. See CVE-2017-6736 for full context on this advisory.

Affected Versions

Cisco IOS and IOS XE with SNMP enabled. Use cisco-sa-20170629-snmp and the Cisco IOS Software Checker for specific version identification.

Technical Details

CVE-2017-6742 is a buffer overflow (CWE-119) in a specific SNMP OID handler. A crafted SNMP packet from an authenticated attacker enables code execution or device reload. Its 2023 KEV addition (vs March 2022 for other advisory CVEs) indicates this specific OID remained in active attacker use.

Attribute Detail
Attack Vector Network — SNMP (UDP port 161)
Authentication SNMP credentials required (PR:L)
KEV Addition April 19, 2023 (separate from other advisory CVEs added March 2022)
Advisory cisco-sa-20170629-snmp

Remediation

CISA BOD 22-01 Deadline: May 10, 2023. Apply updates per vendor instructions.

Apply Cisco IOS security update per cisco-sa-20170629-snmp. Additionally: disable SNMP if not required, use SNMPv3 with authpriv, apply SNMP ACLs, and change default community strings. See CVE-2017-6736 for detailed remediation steps.

Key Details

PropertyValue
CVE ID CVE-2017-6742
Vendor / Product Cisco — IOS and IOS XE Software
NVD Published2017-07-17
NVD Last Modified2026-01-12
CVSS 3.1 Score8.8
CVSS 3.1 VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
SeverityHIGH
CWE CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer find similar ↗
CISA KEV Added2023-04-19
CISA KEV Deadline2023-05-10
Known Ransomware Use No

CVSS 3.1 Breakdown

Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Required Action

CISA BOD 22-01 Deadline: 2023-05-10. Apply updates per vendor instructions.

Timeline

DateEvent
2017-06-29Cisco releases advisory cisco-sa-20170629-snmp covering multiple SNMP RCE vulnerabilities including CVE-2017-6742
2017-07-17CVE-2017-6742 published by NVD
2023-04-19Added to CISA Known Exploited Vulnerabilities catalog (separate KEV addition from others in this advisory)
2023-05-10CISA BOD 22-01 remediation deadline

References

ResourceType
NVD — CVE-2017-6742 Vulnerability Database
CISA KEV Catalog Entry US Government
Cisco Security Advisory cisco-sa-20170629-snmp Vendor Advisory

Last updated: 2026-05-25

Suggest an update ↗

Gavin Hollinger & AI assembled this air-gap friendly HTML