A critical security vulnerability has been found in Net-SNMP, the ubiquitous software suite used globally for network monitoring and management. Tracked as CVE-2025-68615, the flaw carries a near-maximum CVSS score of 9.8, signaling an immediate danger to organizations running the snmptrapd service.
The vulnerability, a classic buffer overflow, allows an attacker to crash the daemon—and potentially wreak further havoc—simply by sending a specially crafted packet.
Net-SNMP is a fundamental building block of network administration, supporting a wide array of protocols (SNMP v1, v2c, v3, AgentX) and transports (IPv4, IPv6, Unix sockets). It is the backbone for how many organizations monitor servers, routers, and switches.
The vulnerability resides specifically in the snmptrapd daemon, the component responsible for receiving and processing SNMP trap messages (alerts sent by network devices).
According to the disclosure, the flaw is triggered by a “specially crafted packet.” When the daemon attempts to process this malicious input, a buffer overflow occurs. While the advisory explicitly notes that this causes the “daemon to crash”—resulting in a Denial of Service (DoS)—a CVSS score of 9.8 typically suggests the potential for more severe consequences, such as Remote Code Execution (RCE), if the overflow is skillfully exploited.
“There is no mitigation available other than ensuring ports to snmptrapd are appropriately firewalled,” the report states.
The vulnerability was discovered by security researcher buddurid, working in coordination with the Trend Micro Zero Day Initiative (ZDI).
If your snmptrapd listener is exposed to the internet, it is vulnerable to attack from anywhere in the world. Administrators are urged to ensure that UDP port 162 (the default for SNMP traps) is strictly firewalled and accessible only from trusted internal management IP addresses.
The maintainers of Net-SNMP have released patched versions to address the flaw. Users are strongly advised to upgrade their installations immediately to:
- Net-SNMP 5.9.5
- Net-SNMP 5.10.pre2
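To triage a fleet against the two actions above (upgrade, and firewall UDP port 162), the following added example, which is not code from the advisory or the Net-SNMP project, flags version strings older than the fixed releases and trap listeners bound to non-loopback addresses. It assumes that any release older than the fixed one on its branch is unpatched and that listener data comes in the column layout of `ss -H -uln`; the function names and sample data are constructed for illustration.

```python
import re

# Fixed releases named in the article; everything else here is illustrative.
FIXED_STABLE, FIXED_510 = "5.9.5", "5.10.pre2"
STAGE = {"pre": 0, "rc": 1, None: 2}  # a final release sorts after pre/rc builds

def version_key(text):
    """Turn '5.9.4', '5.10.pre2' or a banner-style line into a sortable tuple."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?(?:\.(pre|rc)(\d+))?", text)
    if not m:
        raise ValueError(f"no Net-SNMP version found in {text!r}")
    major, minor, patch, stage, n = m.groups()
    return (int(major), int(minor), int(patch or 0), STAGE[stage], int(n or 0))

def needs_upgrade(text):
    """True if the version is older than the fixed release on its branch."""
    v = version_key(text)
    fixed = FIXED_510 if v[:2] == (5, 10) else FIXED_STABLE
    return v < version_key(fixed)

def exposed_trap_listeners(ss_output, port=162):
    """Return non-loopback local addresses bound to the trap port.

    Assumption: input follows `ss -H -uln`, where the local address is the
    first field ending in ':<port>' (the peer column of a listener ends in ':*').
    """
    exposed = []
    for line in ss_output.splitlines():
        for field in line.split():
            addr, sep, p = field.rpartition(":")
            if sep and p == str(port):
                if not (addr.startswith("127.") or addr == "[::1]"):
                    exposed.append(addr)
                break  # local address handled; skip the peer column
    return exposed

# Constructed sample data, not captured from a real host.
SAMPLE_SS = """\
UNCONN 0 0 0.0.0.0:162 0.0.0.0:*
UNCONN 0 0 127.0.0.1:161 0.0.0.0:*
UNCONN 0 0 [::1]:162 [::]:*
"""

if __name__ == "__main__":
    for banner in ("NET-SNMP version:  5.9.4", "5.9.5", "5.10.pre1", "5.10.pre2"):
        print(banner, "-> upgrade" if needs_upgrade(banner) else "-> fixed")
    print("needs firewall review:", exposed_trap_listeners(SAMPLE_SS))
```

Distribution packages may backport the fix without changing the upstream version number, so confirm a flagged version against the vendor's own advisory before treating it as unpatched.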