Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
AsyncRAT Campaign Leverages ScreenConnect to Evade Detection
July 2, 2026
AsyncRAT Campaign Exploits Cloudflare Tunnels and Python for Malware Delivery
July 2, 2026
New Microsoft 365 Phishing Uses OAuth Device Code Flow to Steal Tokens
July 2, 2026
Home/CyberSecurity News/Cisco Small Business Switches Hit by Global DNS Outage Crash
CyberSecurity News

Cisco Small Business Switches Hit by Global DNS Outage Crash

Network administrators worldwide

Sarah simpson
Sarah simpson
January 9, 2026 One Min Read
60 0

Network administrators worldwide Small Business Switches on January 8, 2026. These incidents stemmed from fatal errors within the devices’ DNS client service.

Devices entered reboot loops every few minutes, disrupting operations until DNS configurations were removed.​

The issue surfaced around 2 AM UTC, affecting models like CBS250, C1200, CBS350, SG350, and SG550X series switches. Logs showed DNS_CLIENT-F-SRCADDRFAIL errors failing to resolve domains such as “www.cisco.com” and NIST time servers like “time-c.timefreq.bldrdoc.gov.”

Fatal errors from the DNSC task led to core dumps and automatic resets, with stack traces pointing to DNS resolution failures in firmware versions including 4.1.7.17, 4.1.3.36, and 4.1.7.24.​

Users on Cisco’s community forums reported managing dozens of affected devices and performing manual reconfiguration to stabilize them. One administrator noted, “Every single one crashed today… until I removed the DNS configuration,” across 50 CBS250 and C1200 units. Similar reports hit Reddit, where SG550X owners confirmed identical symptoms starting simultaneously across sites.​

Affected Software Versions

Model/Series Reported Versions Date Codes
CBS250/C1200 4.1.7.17, 4.1.3.36 May 2025, May 2024
CBS350 4.1.7.24, 3.5.3.2 Aug 2025, Unknown
SG550X Various recent N/A​

The crashes linked to DNS lookups for default SNTP servers like time-pnp.cisco.com or www.cisco.com, even on switches without explicit NTP config.

Forum users suspected that a resolver-side change on Cloudflare’s 1.1.1.1 DNS exacerbated the bug, since secondary servers like 8.8.8.8 might have mitigated it. Cisco’s DNS client treats lookup failures as fatal, which is not resilient.​

Effective workarounds include:

  • Disabling DNS: no ip name-server, no ip domain-lookup.
  • Removing default SNTP: no sntp server time-pnp.cisco.com.
  • Blocking outbound switch internet access.​

Switches stabilized post-changes, though disabling DNS limits hostname resolution in configs.

Cisco support acknowledged the problem to customers, confirming impacts on CBS, SG, and Catalyst 1200/1300 lines, but no public advisory or patch exists as of January 9. No field notice appears in searches. This exposes small business networks to DoS-like disruptions from routine DNS issues, urging firmware vigilance.​

Admins should monitor for updates and apply workarounds promptly. The synchronized onset suggests a global trigger, possibly external DNS flux, highlighting firmware brittleness in embedded systems.​

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

Patch

Share Article

Sarah simpson

Sarah simpson

Sarah is a cybersecurity journalist specializing in threat intelligence and malware analysis. With over 8 years of experience covering APT groups, zero-day exploits, and advanced persistent threats, Sarah brings deep technical expertise to breaking cybersecurity news. Previously, she worked as a security researcher at leading threat intelligence firms, where she analyzed malware samples and tracked cybercriminal operations. Sarah holds a Master's degree in Computer Science with a focus on cybersecurity and is a regular contributor to major security conferences.

Previous Post

Hackers Launched 8.1 Million Attack Sessions to React2Shell Vulnerability

Next Post

New Ghost Tapped Attack Uses Your Android Device to Drain Your Bank Account

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
Citrix Bleed (CVE-2023-4966) Critical Vulnerability Actively Exploited
July 2, 2026
DHS Confirms Breach of HSIN Information Sharing Network
July 2, 2026
ChatGPT Flaw Exposes User Files, Poses System Access Risk
July 2, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
Emy Elsamnoudy
Emy Elsamnoudy
Let's Connect
156k
2.25m
285k

Related Posts

Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
CyberSecurity News

Top 10 High-Risk Vulnerabilities Of 2025 that Exploited in the Wild

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

PoC Exploit Released HPE OneView Vulnerability that Enables Remote Code Execution

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us