CVE-2018-0171
Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability
CVSS
—
No CVSS
EPSS
99.5%
p100
KEV
YES
Nov 3, 2021
Exploit Today
80
0-100
Published: — · Last modified: —
99.5%EPSS · 30 days99.5%
2026-06-302026-07-16
Product
Cisco / IOS and IOS XE
Vulnerability
Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability
Added to KEV
Nov 3, 2021
Remediate by
May 3, 2022
Known ransomware use
No
Summary description
Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-0171
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2017-3881—99.9%
KEV—80Cisco IOS and IOS XE Remote Code Execution Vulnerability—CVE-2025-20352—98.4%
KEV—80Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability—CVE-2023-20109—81.7%
KEV—75Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability—