Cisco reveals Salt Typhoon used CVE-2018-0171 to breach target networks
It needed login credentials, first
The attackers are highly sophisticated and well-funded, Cisco said
Chinese state-sponsored threat actor Salt Typhoon was abusing a vulnerability in the Smart Install feature of Cisco IOS software and Cisco IOS XE software to compromise US telecoms networks, experts have confirmed.
In a new blog post, Cisco said it found evidence of Salt Typhoon abusing CVE-2018-0171, a 9.8/10 (critical) vulnerability that allows threat actors to execute arbitrary code on an affected device.
