FBI Alerts on FSB-Linked Hackers Targeting Unpatched Cisco Devices for Cyber Espionage
Date: Aug 20, 2025 | Cyber Espionage / Vulnerability
A state-sponsored Russian hacking group, identified as Static Tundra, is exploiting a seven-year-old vulnerability in Cisco IOS and Cisco IOS XE software to gain persistent access to targeted networks. Cisco Talos revealed that these attacks are primarily aimed at telecommunications, higher education, and manufacturing sectors across North America, Asia, Africa, and Europe. Potential victims are selected based on their “strategic interest” to Russia, with recent targets focusing on Ukraine and its allies amid the ongoing Russo-Ukrainian conflict. The exploited vulnerability, CVE-2018-0171 (CVSS score: 9.8), is a critical flaw in the Smart Install feature of Cisco software, which may allow unauthorized remote attackers to initiate denial-of-service (DoS) attacks or execute arbitrary code.
FBI Alerts to FSB-Linked Hackers Targeting Unpatched Cisco Devices for Cyber Espionage On August 20, 2025, the FBI issued a warning regarding a Russian state-sponsored cyber espionage group known as Static Tundra. This group has been identified as exploiting a significant vulnerability in Cisco IOS and Cisco IOS XE software,…
FBI Alerts on FSB-Linked Hackers Targeting Unpatched Cisco Devices for Cyber Espionage
Date: Aug 20, 2025 | Cyber Espionage / Vulnerability
A state-sponsored Russian hacking group, identified as Static Tundra, is exploiting a seven-year-old vulnerability in Cisco IOS and Cisco IOS XE software to gain persistent access to targeted networks. Cisco Talos revealed that these attacks are primarily aimed at telecommunications, higher education, and manufacturing sectors across North America, Asia, Africa, and Europe. Potential victims are selected based on their “strategic interest” to Russia, with recent targets focusing on Ukraine and its allies amid the ongoing Russo-Ukrainian conflict. The exploited vulnerability, CVE-2018-0171 (CVSS score: 9.8), is a critical flaw in the Smart Install feature of Cisco software, which may allow unauthorized remote attackers to initiate denial-of-service (DoS) attacks or execute arbitrary code.