Cyber actors are using the Cisco Smart Install (SMI) feature to access sensitive data. This was discovered by the U.S. Cybersecurity and Infrastructure Security Agency (CISA). The agency also said that the use of weak passwords on Cisco network devices is exposing these devices to password-cracking attempts. CISA recommends “type 8 password protection for all Cisco devices.” They are also advising companies to review available configuration guidance. Cisco does not plan to implement any software updates to address the flaws as the affected devices are at end-of-life status. Users must instead transition to newer models. 

Read more: https://thehackernews.com/2024/08/cisa-warns-of-hackers-exploiting-legacy.html