Cisco Smart Install Protocol Still Abused in Attacks, 5 Years After First Warning

Source
Advertisement


Cisco describes Smart Install as a plug-and-play configuration and image-management feature that provides zero-touch deployment for new switches. Smart Install can be very useful for organizations, but it can also pose a serious security risk.

Once a device has been set up through Smart Install, the feature remains enabled and it can be accessed without authentication. This has allowed malicious actors to remotely target devices on which Smart Install is enabled, including to reload devices, load a new operating system image, and execute arbitrary commands with elevated privileges.

Advertisement