CVE-2018-0171 - Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability
Project:Cisco
Product:IOS and IOS XE
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability
Description
Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-0171
Related News Articles
Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISAFebruary 25, 2025
Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom NetworksFebruary 21, 2025
Chinese hackers use custom malware to spy on US telecom networksFebruary 21, 2025