← ExploitWatch
HomeExploited Vulnerabilities

CVE-2018-0147 — Actively Exploited: Secure Access Control System (ACS) (Cisco)

A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software.

CVE IDCVE-2018-0147
VendorCisco
ProductSecure Access Control System (ACS)
Vulnerability nameCisco Secure Access Control System Java Deserialization Vulnerability
Date added2022-03-25
Remediation due2022-04-15
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionA vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →