CVE ID
CVE-2018-0171
Vulnerability Name
Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability
- Project: Cisco
- Product: IOS and IOS XE
Date
- Date Added: 2021-11-03
- Due Date: 2022-05-03
Description
Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-0171
Related Security News
- Chinese hackers breached National Guard to steal network configurations
- Chinese Hackers Target Taiwan's Semiconductor Sector with Cobalt Strike, Custom Backdoors
- Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA
- Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
- Chinese hackers use custom malware to spy on US telecom networks
Top comments (0)