CVE-2018-0171 - Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability
Project:Cisco
Product:IOS and IOS XE
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability
Description
Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-0171
Related News Articles
US offers $10 million bounty for info on Russian FSB hackersSeptember 4, 2025
Salt Typhoon Exploits Flaws in Edge Network Devices to Breach 600 Organizations WorldwideAugust 28, 2025
Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations WorldwideAugust 28, 2025
Global Salt Typhoon hacking campaigns linked to Chinese tech firmsAugust 28, 2025
Russian threat actors using old Cisco bug to target critical infrastructure orgsAugust 21, 2025