The Cisco Smart Install (SMI) feature is enabled by default on Cisco switch software. Cisco Smart Install is a plug-and-play configuration management feature intended to allow zero-touch deployments of new network switches. Two recent critical and high severity Denial of Service (DoS) and Remote Code Execution (RCE) vulnerabilities have been disclosed in Cisco Smart Install (SMI) clients.

Please review the “Mitigations and Response” section of this advisory. If updating network devices is not feasible and clients do not use SMI, two non-impactful workarounds and temporary mitigations are available. The Cyber Fusion Center highly recommends updating devices to the latest version of Cisco IOS or Cisco IOS XE, which mitigates these and several other critical vulnerabilities.

The Cisco Smart Install functionality is enabled by default on Cisco IOS and IOS XE switches that have not been updated to the latest Cisco software releases. These attacks impact Cisco Smart Install (SMI) client switches (known as integrated branch clients (IBCs), typically access layer switches). The Cyber Fusion Center has tracked attacks across internet-facing devices as well as internal switches that are reachable across site-to-site VPNs.

Attackers are actively leveraging these vulnerabilities to reset vulnerable devices to factory default settings and force device restarts, resulting in a Denial of Service (DoS) condition. The Cyber Fusion Center has learned of malicious, seemingly automated exploitation of recent Cisco IOS and Cisco IOS XE critical vulnerabilities (CVE-2018-0171 & CVE-2018-0156) within Cisco Smart Install to cause mass network outages.
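An added example, not part of the original advisory or of any Cisco tooling: one way to triage a switch inventory for devices still operating as Smart Install clients, by classifying saved `show vstack config` output. The sample output is constructed and modelled on the shapes that command prints on different IOS releases; the hostnames and function names are hypothetical.

```python
# Constructed samples of `show vstack config` output, keyed by hypothetical hostname.
SAMPLES = {
    "access-sw-01": " Role: Client (SmartInstall enabled)\n Vstack Director IP address: 0.0.0.0\n",
    "access-sw-02": " Capability: Client\n Oper Mode: Enabled\n Role: Client\n",
    "access-sw-03": " Role: Client (SmartInstall disabled)\n Vstack Director IP address: 0.0.0.0\n",
    "dist-sw-01": " Role: Director\n Vstack Director IP address: 10.0.0.1\n",
    "access-sw-04": "% Invalid input detected at '^' marker.\n",
}


def smi_client_state(output: str) -> str:
    """Classify one device as 'enabled', 'disabled', 'director' or 'unknown'."""
    fields = {}
    for line in output.splitlines():
        key, sep, value = line.strip().partition(":")
        if sep:
            fields[key.strip().lower()] = value.strip().lower()
    role = fields.get("role", "")
    oper = fields.get("oper mode", "")
    if not role and not oper:
        # Command rejected or output truncated: needs a manual check.
        return "unknown"
    if role.startswith("director"):
        return "director"
    if "smartinstall disabled" in role or oper == "disabled":
        return "disabled"
    if "smartinstall enabled" in role or oper == "enabled":
        return "enabled"
    # A client role with no explicit state is treated as enabled (the default).
    return "enabled" if role.startswith("client") else "unknown"


def audit(outputs: dict) -> dict:
    """Group hostnames by Smart Install state; 'enabled' is the patch/mitigate list."""
    report = {"enabled": [], "disabled": [], "director": [], "unknown": []}
    for host, text in sorted(outputs.items()):
        report[smi_client_state(text)].append(host)
    return report


if __name__ == "__main__":
    for state, hosts in audit(SAMPLES).items():
        print(f"{state:9} {', '.join(hosts) or '-'}")
```

Devices reported as `unknown` should be checked by hand rather than assumed safe, since the command may simply be unsupported or the capture incomplete.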