
Upgrading cisco 3850 IOS-XE

jesse.garcia11
Level 1

Hello, I am trying to resolve the new CVE for SNMP issues: CVE-2025-20352. I used the tools provided and encountered this issue. I am on Version 03.07.04E and the tool says to go to 3.11.13E for the fix. However, I cannot find that in Downloads Home>Switches >Campus LAN Switches - Access >Catalyst 3850 Series Switches >Catalyst 3850-16XS-E Switch ... 


My question is, can we make the jump from 3.7.4 to 16.12.14, released last month? Has anyone had any issues? I reviewed the release notes but don't see anything about explicitly jumping that much.

 

3 Replies

balaji.bandi
Hall of Fame

Upgrading to 16.12 is a wise decision. Make sure you read the release notes and back up the configuration out of the box.

Follow the upgrade guide. We had some 3850 with 16.12, they work in the Live environment, we recently changed to Cat 9300.

 

 

BB

=====Preenayamo Vasudevam=====


Mark Elsen
Hall of Fame

 

  - @jesse.garcia11 If you talk about jumping, for instance read: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/16-12/release_notes/ol-16-12-3850.html#task_k3s_tgq_k3b

    Better read this section completely as well: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/16-12/release_notes/ol-16-12-3850.html#id_67613

  M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)

Leo Laohoo
Hall of Fame

IOS-XE version 3.11.13 is for the 4500 Sup7/8/9 family of switches.  

Read the Security Advisory for CVE-2025-20352 very carefully (Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability). 

Two common denominators are "authenticated user(s)" must possess the read-only community string or SNMPv3 credentials. The Security Advisory also contains a workaround. 3.7.X (and earlier) may be vulnerable, however, I would not trade the stability of the switch if a workaround is available/identified.