Search
On this page ▾
CVE-2017-6744 — Cisco IOS Software SNMP Remote Code Execution Vulnerability

CVE-2017-6744

Cisco IOS — SNMP Subsystem Buffer Overflow (Variant 8) Enables Authenticated RCE or Device Reload; Part of cisco-sa-20170629-snmp; HIGH 8.8
⚠️ CVSS 3.1  8.8 / 10 — HIGH 🔴 CISA Known Exploited Vulnerability

What Is Cisco IOS SNMP?

CVE-2017-6744 is one of multiple distinct buffer overflow vulnerabilities in the Cisco IOS SNMP subsystem disclosed in June 2017 advisory cisco-sa-20170629-snmp. Unlike most others in this advisory, CVE-2017-6744 specifically affects Cisco IOS (not IOS XE) and involves IPv4 or IPv6 SNMP packet processing. All CVEs in the advisory require SNMP authentication and are addressed by the same IOS software update.

Overview

Actively Exploited. This vulnerability has been added to CISA's Known Exploited Vulnerabilities (KEV) Catalog on March 3, 2022. Federal agencies are required to apply mitigations per BOD 22-01.

CVE-2017-6744 is a buffer overflow in a specific SNMP OID handler in Cisco IOS (including IPv6 processing) that can allow code execution or device reload. An attacker with valid SNMP credentials sends a crafted SNMP packet via IPv4 or IPv6. All CVEs in advisory cisco-sa-20170629-snmp are addressed by the same IOS software update. See CVE-2017-6736 for full context.

Affected Versions

Cisco IOS (not IOS XE) with SNMP enabled and IPv4 or IPv6 configured. Use cisco-sa-20170629-snmp for specific version identification.

Technical Details

CVE-2017-6744 is a buffer overflow (CWE-119) in a specific SNMP OID handler in Cisco IOS. Unlike most of the other advisory CVEs, exploitation is possible via both IPv4 and IPv6 SNMP packets.

Attribute Detail
Attack Vector Network — SNMP (UDP port 161, IPv4 or IPv6)
Authentication SNMP credentials required (PR:L)
Platform Cisco IOS (note: not IOS XE)
Advisory cisco-sa-20170629-snmp (shared with CVE-2017-6736 through 6743)

Remediation

CISA BOD 22-01 Deadline: March 24, 2022. Apply updates per vendor instructions.

Apply Cisco IOS security update per cisco-sa-20170629-snmp. Additionally: disable SNMP if not required, use SNMPv3 with authpriv, apply SNMP ACLs, and change default community strings. See CVE-2017-6736 for detailed remediation steps.

Key Details

PropertyValue
CVE ID CVE-2017-6744
Vendor / Product Cisco — IOS software
NVD Published2017-07-17
NVD Last Modified2025-10-22
CVSS 3.1 Score8.8
CVSS 3.1 VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
SeverityHIGH
CWE CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer find similar ↗
CISA KEV Added2022-03-03
CISA KEV Deadline2022-03-24
Known Ransomware Use No

CVSS 3.1 Breakdown

Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Required Action

CISA BOD 22-01 Deadline: 2022-03-24. Apply updates per vendor instructions.

Timeline

DateEvent
2017-06-29Cisco releases advisory cisco-sa-20170629-snmp covering multiple SNMP RCE vulnerabilities including CVE-2017-6744
2017-07-17CVE-2017-6744 published by NVD
2022-03-03Added to CISA Known Exploited Vulnerabilities catalog
2022-03-24CISA BOD 22-01 remediation deadline

References

ResourceType
NVD — CVE-2017-6744 Vulnerability Database
CISA KEV Catalog Entry US Government
Cisco Security Advisory cisco-sa-20170629-snmp Vendor Advisory

Last updated: 2026-05-25

Suggest an update ↗

Gavin Hollinger & AI assembled this air-gap friendly HTML