The FBI warns that hackers associated with Russiaβs FSB are exploiting a seven-year-old Cisco vulnerability (CVE-2018-0171) to target critical infrastructure worldwide. The threat group, Berserk Bear, is using these exploits to gather network information and gain unauthorized access, prompting urgent patching recommendations. #BerserkBear #CVE-2018-0171
Keypoints
- The FBI has issued a warning about Russian-linked hackers exploiting a Cisco flaw.
- The vulnerability CVE-2018-0171 affects Cisco IOS and IOS XE softwareβs Smart Install feature.
- Attackers can trigger device reboots, cause DoS, or execute arbitrary code remotely.
- Hackers have accessed and modified configurations on network devices related to critical infrastructure.
- Cisco, along with Cisco Talos, urges immediate patching to prevent ongoing exploitation.