Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Active Exploitation of Cisco Smart Install Client Vulnerability
Alerts

Active Exploitation of Cisco Smart Install Client Vulnerability

21 August 2025

Cisco is aware of continued exploitation of a critical vulnerability (CVE-2018-0171) affecting the Cisco Smart Install Client.

Background

Cisco is aware of continued exploitation of a critical vulnerability (CVE-2018-0171) affecting the Cisco Smart Install Client.

Impact

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code by sending a crafted Smart Install message to a vulnerable device on TCP port 4786.

Affected Products

Smart Install client switches that are running a vulnerable release of Cisco IOS or IOS XE Software and have the Smart Install client feature enabled. 

Only Smart Install client switches are affected by the vulnerability. Cisco devices that are configured as a Smart Install director are not affected.

Users and administrators can use the Cisco IOS Software Checker tool to determine if their product version is affected by this vulnerability.

Known Exploitation

This vulnerability is reported to be actively exploited in the wild.

Mitigation

Users and administrators of affected product versions are strongly advised to apply latest patches immediately.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2

https://nvd.nist.gov/vuln/detail/cve-2018-0171

Back to top