Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

vendredi 6 avril 2018

UPDATE Cisco Smart Install Protocol Remote Code Execution Vulnerability (CERT-EU Security Advisory 2018-009)

On 28th of March 2018, Cisco published a security advisory concerning a buffer overflow discovered in Smart Install feature of Cisco IOS and Cisco IOS XE software. This vulnerability allows an unauthenticated, remote attacker to execute arbitrary code on an affected device. A proof of concept for the vulnerability has been published. Also, there are already many attacks observed in the wild.

Lien vers l'article source

Auteur: Cert EU

Catégories: CertEUNombre de vues: 226


Événements SSI