Security News > 2018 > April > Critical vulnerability opens Cisco switches to remote attack
2018-04-04 15:35
A critical vulnerability affecting many of Cisco’s networking devices could be exploited by unauthenticated, remote attackers to take over vulnerable devices or trigger a reload and crash. The company says that the vulnerability is not actively exploited in the wild, but as information about it and Proof-of-Concept code has now been published network administrators would do well to install the released security updates as soon a possible. About the vulnerability (CVE-2018-0171) The flaw was discovered … More → The post Critical vulnerability opens Cisco switches to remote attack appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/_Ocj-N2qnk8/
Related news
- Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks (source)
- Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788) (source)
- Public anxiety mounts over critical infrastructure resilience to cyber attacks (source)
- Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool (source)
- PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153) (source)
- Ivanti Releases Urgent Fix for Critical Sentry RCE Vulnerability (source)
- US sanctions APT31 hackers behind critical infrastructure attacks (source)
- Critical Unpatched Ray AI Platform Vulnerability Exploited for Cryptocurrency Mining (source)
- Cisco warns of password-spraying attacks targeting VPN services (source)
- Cyber attacks on critical infrastructure show advanced tactics and new capabilities (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-28 | CVE-2018-0171 | Out-of-bounds Write vulnerability in Cisco IOS 15.2(5)E A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. | 10.0 |