FBI warns of Russian hackers exploiting 7-year-old Cisco flaw
What’s new: The FBI has issued a warning about Russian hackers linked to the FSB exploiting a 7-year-old vulnerability (CVE-2018-0171) in Cisco devices to target critical infrastructure organizations. The vulnerability allows unauthenticated attackers to remotely trigger device reloads, potentially leading to denial-of-service conditions or arbitrary code execution.
Who’s affected
Organizations across critical infrastructure sectors, including telecommunications, higher education, and manufacturing, are at risk, particularly those with unpatched Cisco devices that have the Smart Install feature enabled.
What to do
- Administrators should immediately patch affected Cisco devices to mitigate the risk associated with CVE-2018-0171.
- Disable the Smart Install feature on Cisco devices if it is not needed.
- Conduct a security audit to identify and secure any vulnerable devices within the network.
