Category:   Device (Router/Bridge/Hub)  >   Cisco IOS
Vendors:   Cisco
Cisco IOS/IOS XE Buffer Overflow in Processing Smart Install Packets Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1040580
SecurityTracker URL:
CVE Reference:   CVE-2018-0171
Updated:  Apr 10 2018
Original Entry Date:  Mar 28 2018
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:   Yes
Vendor Confirmed:   Yes

Description:   A vulnerability was reported in Cisco IOS and IOS XE. A remote user can execute arbitrary code on the target system.

A remote user can send a specially crafted Smart Install message to TCP port 4786 to trigger a buffer overflow and execute arbitrary code on the target system. The code will run with the privileges of the target service.

Systems that have the Smart Install client feature enabled are affected.

The vendor has assigned bug IDs CSCvd36820 and CSCvg76186 to this vulnerability.

[Editor's note: On April 9, 2018, the vendor clarified that this vulnerability is not being actively exploited. However, the vendor also reported that a general "protocol misuse issue" in the Cisco Smart Install Client is being actively exploited on systems that have the feature enabled, not specific to any individual vulnerability in the Smart Install feature.]

George Nosenko (via GeekPwn) reported this vulnerability.

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   The vendor has issued a fix.

The vendor advisory is available at:

[Editor's note: On April 9, 2018, the vendor advised that action is required to secure the Smart Install feature and issued an additional informational advisory, available at:]

Vendor URL:
Cause:   Boundary error

Message History:   None.
