Security News > 2018 > April > Critical flaw leaves thousands of Cisco Switches vulnerable to remote hacking

Critical flaw leaves thousands of Cisco Switches vulnerable to remote hacking
2018-04-04 23:39

Security researchers at Embedi have disclosed a critical vulnerability in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to execute arbitrary code, take full control over the vulnerable network equipment and intercept traffic. The stack-based buffer overflow vulnerability (CVE-2018-0171) resides due to improper validation of packet data in


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/OYS7Grn_LDA/cisco-switches-hacking.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2018-03-28 CVE-2018-0171 Out-of-bounds Write vulnerability in Cisco IOS 15.2(5)E
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device.
network
low complexity
cisco CWE-787
critical
 10.0
10

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 4442 231 3052 1816 604 5703