CVE-2018-0171β€”Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability

PUBLISHEDvulnerability record
2021-11-03 Β· last modified June 21, 2025

Metadata

CVE ID:
CVE-2018-0171
Project:
Cisco
Product:
IOS and IOS XE
Date Added:
2021-11-03
Due Date:
2022-05-03
Last Updated:
June 21, 2025

Vulnerability Name

Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability

Description

Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
Unknown

Action

Apply updates per vendor instructions.

Additional Notes

Related News Articles

Related Weaknesses