Security News > 2025 > February > Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks

Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
2025-02-21 07:38

Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major U.S. telecommunications companies. "The threat actor then demonstrated their ability to persist in target environments across equipment from multiple


News URL

https://thehackernews.com/2025/02/cisco-confirms-salt-typhoon-exploited.html

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2018-03-28 CVE-2018-0171 Out-of-bounds Write vulnerability in Cisco IOS 15.2(5)E
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device.
network
low complexity
cisco CWE-787
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2047 21 1773 1670 288 3752