1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • FBI warns Russian hackers are targeting an old Cisco security fla

    From TechnologyDaily@1337:1/100 to All on Thu Aug 21 17:15:09 2025
    FBI warns Russian hackers are targeting an old Cisco security flaw, so patch now

    Date:
    Thu, 21 Aug 2025 16:05:00 +0000

    Description:
    A seven-year-old Cisco flaw is reportedly being abused in espionage campaigns conducted by Russia's FSB.

    FULL STORY ======================================================================The FBI has warned of Russian hackers abusing CVE-2018-0171 Configuration files from "thousands" of Cisco devices were already stolen The bug affects many
    outdated endpoints, so patch now

    Russian state-sponsored threat actors are abusing a years-old Cisco vulnerability to spy on organizations in the West, the FBI is warning.

    In a public service announcement posted on the IC3 website, the FBI said it saw Center 16 - a threat actor linked to the Russian Federal Security Service (FSB) - exploiting Simple Network Management Protocol (SNMP), and a vulnerability in Cisco Smart Install (SMI) instances that reached end-of-life status.

    The goal, the agency says, is to broadly target entities in the United States and globally. End of life

    The vulnerability being exploited here is tracked as CVE-2018-0171.
    Discovered roughly seven years ago, this improper validation of packet data flaw in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software allows unauthenticated, remote adversaries, to trigger a reload of
    an affected device, resulting in either arbitrary code execution, or a denial of service (DoS) condition.

    The bug affected a wide range of Cisco Catalyst switches , including models from the Catalyst 2000, 3000, 3650, 3850, 4500, and 9000 series.

    Cisco Industrial Ethernet switches, as well as some Nexus data center
    switches that had Smart Install enabled by default, were also affected.

    Many of the older devices (Catalyst 2960, 3560, 3750, 4500E) have reached end-of-life, meaning they were never patched for this bug and remain vulnerable. Cisco advises users to replace them with newer models, such as those from the Catalyst 9000 series, which remain active product lines.

    Over the past year, the FBI saw Center 16 collect configuration files for thousands of networking devices from US entities, mostly in the critical infrastructure sector.

    On some vulnerable devices, the actors modified configuration files to enable unauthorized access to those devices, the FBI explained.

    The actors used the unauthorized access to conduct reconnaissance in the victim networks, which revealed their interest in protocols and applications commonly associated with industrial control systems.

    Via The Register You might also like Cisco warns of worrying major security flaw in firewall command center, so patch now Take a look at our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/fbi-warns-russian-hackers-are-targeting -an-old-cisco-security-flaw-so-patch-now


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)