FBI warns of Russian hackers exploiting 7-year-old Cisco flaw

What’s new: The FBI has issued a warning about Russian hackers linked to the FSB exploiting a 7-year-old vulnerability (CVE-2018-0171) in Cisco devices. This vulnerability affects the Smart Install feature of Cisco IOS and IOS XE software, allowing unauthenticated attackers to remotely trigger device reloads, potentially leading to denial-of-service conditions or arbitrary code execution. The attackers have been targeting critical infrastructure organizations globally, collecting configuration files and modifying them for unauthorized access.

Who’s affected

Organizations across critical infrastructure sectors, including telecommunications, higher education, and manufacturing, are at risk. The attacks have been observed in North America, Asia, Africa, and Europe, particularly against US entities.

What to do

• Administrators are urged to patch Cisco devices against CVE-2018-0171 immediately to mitigate the risk of exploitation.
• Disable the Smart Install feature on affected devices if not in use.
• Implement comprehensive security hardening measures to protect network devices from unauthorized access.

Sources

• BleepingComputer