DooKey
[H]F Junkie
- Joined
- Apr 25, 2001
- Messages
- 13,554
Cisco has released a warning to their customers to patch their Smart Install client software (Warning auto play video) because hackers are exploiting a "protocol misuse" issue in the client. These attacks are primarily to critical infrastructure providers according to Cisco and CERT has linked them to nation-state attackers. Cisco has discovered 168K systems in the wild that are potentially exposed due to improper configuration and there are probably many more.
"Although this is not a vulnerability in the classic sense, the misuse of this protocol is an attack vector that should be mitigated immediately. Throughout the end of 2017 and early 2018, Talos has observed attackers trying to scan clients using this vulnerability. Recent information has increased the urgency of this issue."
"Although this is not a vulnerability in the classic sense, the misuse of this protocol is an attack vector that should be mitigated immediately. Throughout the end of 2017 and early 2018, Talos has observed attackers trying to scan clients using this vulnerability. Recent information has increased the urgency of this issue."