0. Determine who purchased the device. You will need to send an email from their CCO registered account. This does not mean it needs an active contract.
1. Log onto the device and capture all of the output of “show version”
2. Go to http://tools.cisco.com/security/center/selectIOSVersion.x and select the “B” option to use the “show version” output
3. Choose to view all security vulnerabilties
4. Send an email to firstname.lastname@example.org with
- The output of “show version” in the body of the e-mail
- Serial number of the device in the body of the e-mail (yes, even though it’s in show ver)
- A list of all vulnerabilities for the selected IOS from cisco’s website in the body of the e-mail (just copy and paste the links)
- Request a non-vulnerable IOS version
5. Wait and they should send you a link to download the IOS.