SECURITY ALERT September 14, 2025

🔒 Cisco Zero-Days Under Attack & Chrome V8 Exploit

Critical Cisco IOS vulnerabilities actively exploited, Google patches Chrome V8 flaw, Cloud platform updates

6 min read 3,247 views

Red alert dashboard showing Cisco and Chrome security vulnerabilities — Critical security vulnerabilities discovered in Cisco IOS and Chrome require immediate attention

Dillip Chowdary

Cybersecurity & Infrastructure Expert

Published

Sep 14, 2025, 10:00 AM PST

CRITICAL: Cisco IOS/IOS XE Zero-Day Actively Exploited

CVE-2025-20352 | CVSS 7.7 Announced: September 14, 2025

Cisco disclosed 14 vulnerabilities in IOS and IOS XE software, including CVE-2025-20352, a high-severity stack overflow vulnerability in the SNMP subsystem that has been actively exploited in zero-day attacks before patches were available.

⚠️ Vulnerability Details

Type: Stack overflow in SNMP subsystem
Impact: Denial of Service or Remote Code Execution as root
Privileges: Low-privilege users can trigger DoS; admin access enables RCE

🎯 Affected Systems

• Cisco IOS Software
• Cisco IOS XE Software
• Cisco ASA Firewalls (separate vulnerabilities)
• Cisco Firepower Threat Defense

🚨 Immediate Actions Required:

• Apply Cisco security patches immediately
• Audit SNMP configurations and access controls
• Monitor network traffic for suspicious SNMP activity
• Review administrative access logs for unauthorized changes

Google Patches Chrome Zero-Day Exploited in Wild

CVE-2025-10585 - Type Confusion in V8 Discovered: September 16, 2025

Google's Threat Analysis Group discovered CVE-2025-10585, a type confusion vulnerability in Chrome's V8 JavaScript engine that was being actively exploited. This marks the sixth Chrome zero-day vulnerability exploited in 2025.

6th Chrome zero-day in 2025

V8 JavaScript engine affected

24hrs Patch release time

Action: Update Chrome immediately. Go to Settings → About Chrome to check for updates. The browser will auto-update on restart.

Google Cloud Apigee UI Enhancement

Google Cloud released an updated version of the Apigee UI on September 14, adding visual indicators for unused policies to help developers identify and clean up unnecessary configurations in their API management workflows.

🎯 New Feature:

An icon now displays next to policies in the Proxy Editor side navigation that haven't been attached to any flow, making it easier to identify and remove unused policies that could clutter configurations.

Market Snapshot

💱 Currency Exchange

USD to INR

1 USD = ₹87.45

↑ 0.12%

Daily Change

Stable near September highs

₿

Bitcoin

$115,234

↑ 0.8%

💎

Ethereum

$4,456

↑ 0.5%

🐕

Dogecoin

$0.423

↑ 1.8%

🦴

Shiba Inu

$0.000017

↑ 0.9%

Key Takeaways

Cisco Urgency: Patch CVE-2025-20352 immediately - active exploitation confirmed with potential root access
Chrome Update: Apply Chrome updates now - sixth zero-day of 2025 shows ongoing targeting of V8 engine
SNMP Security: Review SNMP configurations and restrict access to minimize attack surface
Developer Tools: Google Cloud Apigee update helps identify unused policies for cleaner API management

Stay Ahead of Security Threats

Get daily tech security insights delivered to your inbox

📊 BTC: $115,234 ↑0.8% 💎 ETH: $4,456 ↑0.5% 🐕 DOGE: $0.423 ↑1.8% 🦴 SHIB: $0.000017 ↑0.9% 📊 BTC: $115,234 ↑0.8% 💎 ETH: $4,456 ↑0.5% 🐕 DOGE: $0.423 ↑1.8% 🦴 SHIB: $0.000017 ↑0.9%