CISA Warns of Hackers Exploiting Legacy Cisco Smart Install Feature
2024-08-09 05:41

The U.S. Cybersecurity and Infrastructure Security Agency has disclosed that threat actors are abusing the legacy Cisco Smart Install feature with the aim of accessing sensitive data.

The agency said it has seen adversaries "acquire system configuration files by leveraging available protocols or software on devices, such as abusing the legacy Cisco Smart Install feature."

Password types refer to algorithms that are used to secure a Cisco device's password within a system configuration file.

"Organizations must ensure all passwords on network devices are stored using a sufficient level of protection," CISA said, adding it recommends "Type 8 password protection for all Cisco devices to protect passwords within configuration files."

Additional best practices include the use of a strong hashing algorithm to store passwords, avoiding password reuse, assigning strong and complex passwords, and refraining from using group accounts that do not provide accountability.
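As an added illustration (not part of the original article or of CISA's advisory), the following sketch audits a saved Cisco IOS configuration for credentials stored with a password type other than the recommended Type 8, and checks whether Smart Install has been explicitly disabled. The function names and the sample configuration are constructed for this example; the `no vstack` check assumes Cisco's documented command for disabling Smart Install.

```python
import re

# Cisco IOS password type numbers and the scheme each one denotes.
TYPE_NAMES = {
    "0": "plaintext",
    "4": "single-iteration unsalted SHA-256 (deprecated)",
    "5": "MD5-based crypt",
    "6": "AES reversible encryption",
    "7": "reversible Vigenere obfuscation",
    "8": "PBKDF2-HMAC-SHA-256",
    "9": "scrypt",
}
RECOMMENDED = "8"  # the type CISA recommends in the statement quoted above

# Matches "enable secret 5 ...", "username bob privilege 15 secret 8 ...",
# an indented " password 7 ..." under a line section, and untyped forms.
CRED_RE = re.compile(
    r"^\s*(?:enable\s+|username\s+(?P<user>\S+)\s+(?:.*\s)?)?"
    r"(?P<kw>secret|password)\s+(?:(?P<type>\d)\s+)?(?P<value>\S+)\s*$"
)

def audit_config(text):
    """Return (line_no, where, type, scheme) for each credential not stored as Type 8."""
    findings, section = [], ""
    for no, line in enumerate(text.splitlines(), 1):
        if line and not line[0].isspace():
            section = line.strip()          # a top-level command opens a new section
        m = CRED_RE.match(line)
        if not m:
            continue
        ptype = m.group("type") or "0"      # no type digit: the value is stored in plaintext
        if ptype != RECOMMENDED:
            where = m.group("user") or ("enable" if line.startswith("enable") else section)
            findings.append((no, where, ptype, TYPE_NAMES.get(ptype, "unknown")))
    return findings

def smart_install_disabled(text):
    """True only if the configuration explicitly contains 'no vstack' (assumed disable command)."""
    return any(line.strip() == "no vstack" for line in text.splitlines())

# Constructed sample configuration; the hashes are placeholders, not real values.
SAMPLE = """\
service password-encryption
enable secret 5 $1$EXAM$PLEonlyNotARealHash000
username admin privilege 15 secret 8 $8$EXAMPLEsalt$EXAMPLEonlyNotARealHash
username backup password 7 000000000000
line vty 0 4
 password 7 000000000000
 login
"""

if __name__ == "__main__":
    for no, where, ptype, scheme in audit_config(SAMPLE):
        print(f"line {no}: {where}: type {ptype} ({scheme}), migrate to type {RECOMMENDED}")
    print("Smart Install explicitly disabled:", smart_install_disabled(SAMPLE))
```

A missing `no vstack` line only means Smart Install may be enabled on platforms that support it; confirm the state on the device itself.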

The development comes as Cisco warned of the public availability of proof-of-concept code for CVE-2024-20419, a critical flaw impacting Smart Software Manager On-Prem that could enable a remote, unauthenticated attacker to change the password of any user.


News URL

https://thehackernews.com/2024/08/cisa-warns-of-hackers-exploiting-legacy.html
