What is the CVSS score of CVE-2026-20048?

CVE-2026-20048 has a CVSS 3.1 base score of 7.7 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H. EPSS exploitation probability: 0.2%.

Which versions of SNMP are affected by CVE-2026-20048?

Cisco Nexus 9000 Series switches running ACI mode are vulnerable to a remotely-triggered denial of service attack by authenticated users, potentially disrupting network infrastructure and services.

How to fix or mitigate CVE-2026-20048?

Within 24 hours: Inventory all Cisco Nexus 9000 Series switches in ACI mode and confirm affected versions; notify network operations and infrastructure teams. Within 7 days: Implement network segmentation to restrict SNMP access to trusted administrative networks only; disable SNMP v1/v2 if not required and enforce SNMPv3 with strong authentication. Within 30 days: Monitor Cisco security advisories for patch availability; establish a change management process for immediate deployment when a patch is released; consider device replacement timeline if patches remain unavailable.

SNMP CVE-2026-20048

HIGH

Memory Allocation with Excessive Size Value (CWE-789)

2026-02-25 psirt@cisco.com

Cisco Linux SNMP Denial Of Service

7.7

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

7.7 HIGH

AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

CVE Published

Feb 25, 2026 - 17:25 nvd

HIGH 7.7

DescriptionCVE.org

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

This vulnerability is due to improper processing when parsing SNMP requests. An attacker could exploit this vulnerability by continuously sending SNMP queries to a specific MIB of an affected device. A successful exploit could allow the attacker to cause a kernel panic on the device, resulting in a reload and a DoS condition. Note: This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMPv1 or SNMPv2c, the attacker must have a valid read-only SNMP community string for the affected system. To exploit this vulnerability through SNMPv3, the attacker must have valid SNMP user credentials for the affected system.

AnalysisAI

Improper SNMP request parsing in Cisco Nexus 9000 Series switches running ACI mode allows authenticated remote attackers to trigger kernel panics and device reloads by sending specially crafted queries to specific MIBs. An attacker with valid SNMP read-only community credentials can exploit this vulnerability across SNMP versions 1, 2c, and 3 to achieve denial of service. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Authenticate to SNMP subsystem

Exploit

Send continuous SNMP queries to specific MIB

Execution

Trigger improper request parsing

Impact

Kernel panic and device reload

Access

Authenticate to SNMP subsystem

Exploit

Send continuous SNMP queries to specific MIB

Execution

Trigger improper request parsing

Impact

Kernel panic and device reload

Vulnerability AssessmentAI

Exploitation	Cisco Nexus 9000 Series Fabric Switches in ACI mode with SNMP enabled. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	CVSS 7.7 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	A remote attacker (requires authentication) could exploit this vulnerability to cause a kernel panic on the device, resulting in a reload and a DoS conditi.
Remediation	Monitor vendor advisories for a patch. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all Cisco Nexus 9000 Series switches in ACI mode and confirm affected versions; notify network operations and infrastructure teams. …

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-20048 vulnerability details – vuln.today

Back

SNMP CVE-2026-20048

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

Share

External POC / Exploit Code