Cisco says some of its Cisco VIRL-PE servers were hacked by exploiting critical SaltStack vulnerabilities. The vulnerabilities were patched on May 7, 2020. Cisco is not the first organization to announce a security breach caused by exploiting the SaltStack flaws. There were more than 5,000 Internet-exposed SaltStack servers potentially vulnerable attacks designed to exploit the two bugs. The company released security updates that patch the Cisco Modeling Labs Corporate Edition (CML) and Cisco Virtual Internet Routing Lab Personal Edition products.
Source: https://www.bleepingcomputer.com/news/security/cisco-hacked-by-exploiting-vulnerable-saltstack-servers/