
Trend Micro revealed that the "Zero Disco" campaign exploits CVE-2025-20352 (CVSS 7.7) in Cisco IOS and IOS XE, which allows attackers to execute arbitrary code via SNMP packets on devices such as the Cisco 9400 and 9300 series. The campaign deploys Linux rootkits for persistent access, sets universal passwords, and hooks IOSd memory. It targets older systems without EDR to take over networks stealthily.


Attackers also use a modified CVE-2017-3881 exploit to manipulate memory, enabling data theft and evasion. The campaign has not been attributed to any group. It highlights the risks of SNMP in enterprise networks; ASLR on newer devices offers partial protection but not full immunity.


Defend by patching immediately, enabling EDR, and monitoring for anomalies. Regular scans and multi-factor authentication can help block these sophisticated threats before they escalate.
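
As one form the regular scans could take, the added example below (not code from Trend Micro, Cisco or this page) audits a Cisco IOS/IOS XE running-config for SNMP statements that leave the service broadly reachable. The sample configuration is constructed, and the checks are assumed heuristics for reducing SNMP exposure, not detection of CVE-2025-20352 or of the rootkit.

```python
# Added example: audit a Cisco IOS/IOS XE running-config for exposed SNMP.
# SAMPLE_CONFIG is constructed for illustration, not taken from a real device.
SAMPLE_CONFIG = """\
hostname edge-sw01
snmp-server community public RO
snmp-server community N0tDefault RW 10
snmp-server community m0nitor view SAFE RO SNMP-MGMT
snmp-server group OPS v3 noauth
snmp-server group NOC v3 priv access 10
access-list 10 permit 192.0.2.10
"""

DEFAULT_COMMUNITIES = {"public", "private"}
NO_ACL = "no ACL restricts which hosts may query SNMP"

def audit_snmp(config):
    """Return [(line_no, redacted_line, [reasons])] for risky SNMP lines."""
    findings = []
    for line_no, raw in enumerate(config.splitlines(), 1):
        tok = raw.split()
        if len(tok) < 3 or tok[0] != "snmp-server":
            continue
        reasons, opts = [], [t.lower() for t in tok[3:]]
        if tok[1] == "community":
            has_acl = writable = False
            i = 0
            while i < len(opts):
                if opts[i] == "view":
                    i += 1                      # next token is the view name
                elif opts[i] == "rw":
                    writable = True
                elif opts[i] != "ro":
                    has_acl = True              # ACL number/name, or "ipv6 <acl>"
                i += 1
            if tok[2].lower() in DEFAULT_COMMUNITIES:
                reasons.append("default community string")
            if writable:
                reasons.append("read-write community")
            if not has_acl:
                reasons.append(NO_ACL)
            tok[2] = "<redacted>"               # keep the secret out of reports
        elif tok[1] == "group" and opts:
            if opts[0] in ("v1", "v2c"):
                reasons.append("community-based " + opts[0] + " group")
            elif "noauth" in opts[1:2]:
                reasons.append("SNMPv3 group without authentication")
            if "access" not in opts:
                reasons.append(NO_ACL)
        if reasons:
            findings.append((line_no, " ".join(tok), reasons))
    return findings
```

Feed it the output of `show running-config` saved to a file; a view that happens to be named `access` would be mistaken for an ACL keyword on `snmp-server group` lines.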

