CyberSecurity News

Cisco Small Business Switches Hit by Global DNS Outage Crash

Network administrators worldwide

Sarah simpson
Sarah simpson
January 9, 2026 One Min Read
11 0

Network administrators worldwide Small Business Switches on January 8, 2026. These incidents stemmed from fatal errors within the devices’ DNS client service.

Devices entered reboot loops every few minutes, disrupting operations until DNS configurations were removed.​

The issue surfaced around 2 AM UTC, affecting models like CBS250, C1200, CBS350, SG350, and SG550X series switches. Logs showed DNS_CLIENT-F-SRCADDRFAIL errors failing to resolve domains such as “www.cisco.com” and NIST time servers like “time-c.timefreq.bldrdoc.gov.”

Fatal errors from the DNSC task led to core dumps and automatic resets, with stack traces pointing to DNS resolution failures in firmware versions including 4.1.7.17, 4.1.3.36, and 4.1.7.24.​

Users on Cisco’s community forums reported managing dozens of affected devices and performing manual reconfiguration to stabilize them. One administrator noted, “Every single one crashed today… until I removed the DNS configuration,” across 50 CBS250 and C1200 units. Similar reports hit Reddit, where SG550X owners confirmed identical symptoms starting simultaneously across sites.​

Affected Software Versions

Model/Series Reported Versions Date Codes
CBS250/C1200 4.1.7.17, 4.1.3.36 May 2025, May 2024
CBS350 4.1.7.24, 3.5.3.2 Aug 2025, Unknown
SG550X Various recent N/A​

The crashes linked to DNS lookups for default SNTP servers like time-pnp.cisco.com or www.cisco.com, even on switches without explicit NTP config.

Forum users suspected that a resolver-side change on Cloudflare’s 1.1.1.1 DNS exacerbated the bug, since secondary servers like 8.8.8.8 might have mitigated it. Cisco’s DNS client treats lookup failures as fatal, which is not resilient.​

Effective workarounds include:

  • Disabling DNS: no ip name-server, no ip domain-lookup.
  • Removing default SNTP: no sntp server time-pnp.cisco.com.
  • Blocking outbound switch internet access.​

Switches stabilized post-changes, though disabling DNS limits hostname resolution in configs.

Cisco support acknowledged the problem to customers, confirming impacts on CBS, SG, and Catalyst 1200/1300 lines, but no public advisory or patch exists as of January 9. No field notice appears in searches. This exposes small business networks to DoS-like disruptions from routine DNS issues, urging firmware vigilance.​

Admins should monitor for updates and apply workarounds promptly. The synchronized onset suggests a global trigger, possibly external DNS flux, highlighting firmware brittleness in embedded systems.​

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

Patch

Share Article

Sarah simpson

Sarah simpson

Sarah is a cybersecurity journalist specializing in threat intelligence and malware analysis. With over 8 years of experience covering APT groups, zero-day exploits, and advanced persistent threats, Sarah brings deep technical expertise to breaking cybersecurity news. Previously, she worked as a security researcher at leading threat intelligence firms, where she analyzed malware samples and tracked cybercriminal operations. Sarah holds a Master's degree in Computer Science with a focus on cybersecurity and is a regular contributor to major security conferences.

No Comment! Be the first one.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts