Cisco PSIRT has published a new security advisory for abuse of the Smart Install protocol. IT giant has identified hundreds of thousands of exposed devices and warned critical infrastructure using them of potential risks. Smart Install is a legacy plug-and-play configuration and image-management feature that provides zero-touch deployment for new switches. Cisco experts revealed they had identified roughly 250,000 vulnerable Cisco devices with TCP port 4786 open. A recent scan performed by Cisco revealed 168,000 systems are exposed online.”]
Source: https://securityaffairs.co/wordpress/71102/hacking/cisco-smart-install-hack.html