A Question of Data Security

Vimal Rama Chandran


Maintaining high level of security around your business is extremely crucial since thousands of businesses are being exposed to security vulnerabilities every year.

The security firm Embedi has recently discovered a vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software, forcing Cisco to release software updates, including three critical remote code execution security bugs. The vulnerability makes it possible for an unauthenticated, remote attacker to trigger a reload of an affected device. Only Smart Install client switches are prone to attack; whereas Cisco devices that are configured as a Smart Install director are not affected.

“In a securely configured network, Smart Install technology participants should not be accessible through the internet. But scanning the internet has shown that this is not true,” Embedi said. “During a short scan of the internet, 250,000 vulnerable devices and 8.5 million devices that have a vulnerable port open were detected.”

The problem affects devices running Cisco XE Software 16.x that is deployed with Cisco ASR routers and Catalyst switches. Attackers can exploit the vulnerability by logging into Cisco routers and switches with a high-privileged account.

Devices running IOS XE 16.x bring a hidden default account named “cisco” and a static password. While default accounts are not a part of Cisco products, this appears to have been left during the testing phase of IOS XE and affects only the v16.x versions.

Security vulnerability can lead to the following issues:

  1. Triggering a reload of the device
  2. Execution of arbitrary code on the device
  3. An indefinite loop on the affected device that triggers a watchdog crash

According to Cisco, “the vulnerability is due to incorrect bounds checking of certain values in packets that are destined for UDP port 18999 of an affected device. An attacker could exploit this vulnerability by sending malicious packets to an affected device.”

Identifying vulnerable areas of your business and equipping your company with the necessary tools to minimize the risk of data breach are important steps that need to be taken to enable the smooth functioning of an enterprise.

“It takes decades to build a reputation and few minutes of cyber-incident to ruin it.”

Get in touch

Whatever your question our team will point you in the right direction

Start the conversation
Get in touch

Share to:

Copy link:

Copied to clipboard Copy