FBI warns Russian cybercriminals attacking devices using Cisco software with unpatched vulnerability

Aug 21, 2025 - 03:50 PM
cybersecurity-hand-lock-graphic_900x400

The FBI Aug. 20 released an advisory warning of malicious activity by Russian cyber actors targeting end-of-life devices running an unpatched vulnerability in Cisco Smart Install software. The agency said the actors, attributed to the Russian Federal Security Service’s Center 16, have been detected collecting configuration files for thousands of networking devices associated with U.S. entities across critical infrastructure sectors. On some devices, the files were modified to enable unauthorized access to the devices. The vulnerability was initially publicized in 2018.

“If you have vulnerable equipment in your network, please pay particular attention to ensuring that it is patched and running as securely as possible,” said Scott Gee, AHA deputy national advisor of cybersecurity and risk. “It is recommended that hospitals also make this equipment a priority for replacement since it’s no longer supported for updates by Cisco. It is also a good time to review the process for patch management and equipment upgrades, particularly focusing on patching known exploited vulnerabilities. The Cybersecurity Infrastructure and Security Agency maintains a catalog of KEVs.”

For more information on this or other cyber and risk issues, contact Gee at sgee@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.

Related News Articles

Headline
AHA podcast: The FBI’s Campaign Against Cyberthreats Part 2
John Riggi, AHA national advisor for cybersecurity and risk, talks with Brett Leatherman, FBI assistant director, Cyber Division, and Gretchen Burrier, FBI…
Headline
AHA, FBI release resources on behavioral threat assessment and management
The AHA Feb. 9 released a series of behavioral threat assessment and management resources developed in partnership with the FBI’s Behavioral Analysis Unit-1.…
Headline
AHA podcast: The FBI’s Campaign Against Cyberthreats Part 1
John Riggi, AHA national advisor for cybersecurity and risk, talks with Brett Leatherman, FBI assistant director, Cyber Division, and Gretchen Burrier, FBI…
Headline
Open-source text program Notepad++ impacted by critical vulnerability
The National Institute of Standards and Technology Feb. 2 published details on a critical vulnerability that impacted Notepad++, a free, open-source text and…
Headline
FBI launches campaign to protect hospitals, other critical infrastructure against cyberattacks
The FBI has launched a two-month campaign, Operation Winter SHIELD (Securing Homeland Infrastructure by Enhancing Layered Defense), highlighting 10 actions…
Headline
Guides offer strategies on preparing for public health emergencies, cybersecurity incidents 
Two AHA guides offer strategies for hospitals and health systems in preparing for public health emergencies and disasters and managing cybersecurity incidents…