What’s new: The FBI has issued a warning about Russian hackers linked to the FSB exploiting a 7-year-old vulnerability (CVE-2018-0171) in Cisco devices. This vulnerability affects the Smart Install feature of Cisco IOS and IOS XE software, allowing unauthenticated attackers to remotely trigger device reloads, potentially leading to denial-of-service conditions or arbitrary code execution. The FBI reports that these actors have been targeting critical infrastructure organizations globally, collecting configuration files and modifying them for unauthorized access.
Who’s affected
Organizations in critical infrastructure sectors, including telecommunications, higher education, and manufacturing, are at risk. The attacks have been observed across North America, Asia, Africa, and Europe.
What to do
- Administrators are urged to patch affected Cisco devices immediately to mitigate the risk associated with CVE-2018-0171.
- Disable the Smart Install feature on devices where it is not needed.
- Implement comprehensive security hardening measures to protect against potential exploitation by state-sponsored actors.
