Cisco Security Advisory: Cisco IOS Software Smart Install Denial of Service Vulnerability
Cisco IOS Software contains a vulnerability in the Smart Install feature that could allow an unauthenticated, remote attacker to cause a reload of an affected device if the Smart Install feature is enabled. The vulnerability is triggered when an affected device processes a malformed Smart Install message on TCP port 4786.
Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability.
This advisory is available at the following link:
- Cisco Security Advisory: Cisco Small Business SRP 500 Series (netsecurityit.wordpress.com)
- Cisco: Multiple Vulnerabilities; ASA 5500, Catalyst 6500 (netsecurityit.wordpress.com)
- Cisco Security Advisory: Cisco NX-OS (netsecurityit.wordpress.com)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers (netsecurityit.wordpress.com)