Cisco IOS XE Vulnerabilities (CVE-2018-0150, CVE-2018-0151, CVE-2018-171)
Three critical vulnerabilities in Cisco IOS XE can cause denial of service, unauthorized access, and remote code execution. Both GDT and Cisco’s Talos Intelligence Group have seen these vulnerabilities being exploited in the wild.
Cisco’s Smart Install is a configuration management feature that provides zero-touch deployment for new switches. Smart Install features no authentication by design and is typically only used in access-layer switches.