Cisco’s Smart Install software has become the vector for a series of infrastructure attacks and politically-motivated defacements.
Cisco’s own Talos security limb reports that bad actors, some likely state-supported, have been scanning Switchzilla devices to see if they run Smart Install. The tool is insecure-by design because its purpose is to allow deployment of brand-new switches to remote sites. Those switches are therefore insecure as they await proper configuration.
Source: The Register