cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Esben_D
Lansweeper Employee
Lansweeper Employee
In light of the recent Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability, we created a report which can be used to find possible vulnerable Cisco switches.

Cisco switches will in most cases have their software name and version in the description once scanned by Lansweeper. Based on the description, the report below will display all switches that have "IOS" or "IOS XE" software.
Select Distinct Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tsysAssetTypes.AssetTypename,
tblAssetCustom.Manufacturer,
tblAssets.IPAddress,
tblAssets.Mac,
tblAssets.Description,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.Lastseen,
tblAssets.Lasttried
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tblSNMPInfo On tblAssets.AssetID = tblSNMPInfo.AssetID
Where (tblAssets.Description Like '%IOS%' Or tblAssets.Description Like
'%IOS%XE%') And tblAssetCustom.State = 1
Order By tblAssets.AssetName

To use the report, do the following:
  1. Add the report to Lansweeper. Instructions can be found here.
  2. Find the software type (IOS or IOS XE) and version numbers of the switches in the report's "Description" column.
  3. Enter the version numbers in Cisco's software checker here: https://tools.cisco.com/security/center/softwarechecker.x

    Cisco IOS Software Checker

  4. Click Continue twice and check if "Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability" is in the list of affected security advisories.

    Security Advisories That Affect This Release
1 Comment

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now