Cisco

A severe vulnerability in Cisco's networking equipment, identified as CVE-2018-0171, has been exploited by attackers, notably by the APT group Salt Typhoon. Despite a patch released in 2018, over 1,200 devices remain unpatched, providing an attack surface for unauthorized remote code execution and configuration theft. The attack chiefly involves using the Smart Install feature to extract sensitive data from networking devices, exacerbating the risk of further infiltrations and potentially catastrophic network breaches. This enduring security oversight, which notably affected telecommunications providers, exemplifies the danger legacy systems pose to the current technology infrastructure.

Source: https://cybersecuritynews.com/seven-years-old-cisco-vulnerability-exposes-cisco-devices/

TPRM report: https://scoringcyber.rankiteo.com/company/cisco

"id": "cis929041225",
"linkid": "cisco",
"type": "Vulnerability",
"date": "4/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Networking Equipment',
                        'name': 'Cisco',
                        'type': 'Technology Company'}],
 'attack_vector': 'Remote Code Execution, Configuration Theft',
 'data_breach': {'data_exfiltration': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Sensitive Data'},
 'description': "A severe vulnerability in Cisco's networking equipment, "
                'identified as CVE-2018-0171, has been exploited by attackers, '
                'notably by the APT group Salt Typhoon. Despite a patch '
                'released in 2018, over 1,200 devices remain unpatched, '
                'providing an attack surface for unauthorized remote code '
                'execution and configuration theft. The attack chiefly '
                'involves using the Smart Install feature to extract sensitive '
                'data from networking devices, exacerbating the risk of '
                'further infiltrations and potentially catastrophic network '
                'breaches. This enduring security oversight, which notably '
                'affected telecommunications providers, exemplifies the danger '
                'legacy systems pose to the current technology infrastructure.',
 'impact': {'data_compromised': 'Sensitive Data',
            'systems_affected': 'Networking Devices'},
 'initial_access_broker': {'entry_point': 'Smart Install Feature',
                           'high_value_targets': 'Telecommunications '
                                                 'Providers'},
 'motivation': 'Data Theft, Unauthorized Access',
 'post_incident_analysis': {'root_causes': 'Unpatched Systems'},
 'threat_actor': 'Salt Typhoon',
 'title': 'CVE-2018-0171 Exploitation in Cisco Networking Equipment',
 'type': 'Vulnerability Exploitation',
 'vulnerability_exploited': 'CVE-2018-0171'}