What is a common security concern with SNMP?

SNMP’s most common security issue is that early versions transmit the community strings in plaintext and provide little to no encryption. Those community strings act like passwords for read or write access to devices, so if someone can sniff the network, they can capture them and gain unauthorized control. That exposure is a fundamental risk in SNMPv1/v2c, which is why migrating to SNMPv3 with authentication and encryption (authPriv) is the recommended fix. Automatic certificate rotation isn’t part of SNMP; SNMP doesn’t rely on certificates in its standard encryption/authentication approach. The concern isn’t about having too strong encryption by default, but the opposite—there’s often insufficient protection due to plaintext community strings. OAuth isn’t used in SNMP either; it’s a web/API authentication method, not a native SNMP mechanism.