logo

CVE-2018-0171 - Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability

Project:Cisco

Product:IOS and IOS XE

Date Added:2021-11-03Due Date:2022-05-03

Vulnerability Name

Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability

Description

Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://nvd.nist.gov/vuln/detail/CVE-2018-0171

Related News Articles

Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISAFebruary 25, 2025

Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom NetworksFebruary 21, 2025

Chinese hackers use custom malware to spy on US telecom networksFebruary 21, 2025