CVE ID

CVE-2018-0171

Vulnerability Name

Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability

• Project: Cisco
• Product: IOS and IOS XE

Date

• Date Added: 2021-11-03
• Due Date: 2022-05-03

Description

Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://nvd.nist.gov/vuln/detail/CVE-2018-0171

Related Security News

• Chinese hackers breached National Guard to steal network configurations
• Chinese Hackers Target Taiwan's Semiconductor Sector with Cobalt Strike, Custom Backdoors
• Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA
• Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
• Chinese hackers use custom malware to spy on US telecom networks

More CVEs Info

Common Vulnerabilities & Exposures (CVE) List