1 min read

Remote Code Execution Vulnerability Affecting 318 Cisco Switches

Liviu ARSENE

March 21, 2017

Remote Code Execution Vulnerability Affecting 318 Cisco Switches

Following the WikiLeaks massive Vault 7 data leak, a new critical remote code vulnerability affecting 318 Cisco Systems switches has been revealed. While the data leak allegedly comes from the CIA, the vulnerability is very real, and Cisco has already issued an advisory for it.

The vulnerability involves the Cisco Cluster Management Protocol (CMP) that uses the Telnet protocol to accept and process malformed CMP-specific Telnet options. Consequently, an attacker could remotely dial into those switches and either cause a reload of the device or execute code running with elevated privileges.

“An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections,” reads the Cisco Advisory. “An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device.”

Although the vulnerability is reportedly only active when the device is configured to accept any incoming Telnet connections – instead of only from internal cluster members – Cisco does mention that changing or disabling this setting could reduce the risk of compromise. However, the CVE-2017-3881 advisory reads that there are currently “no workarounds available” and that any Telnet session triggered over IPv4 or IPv6 can be exploited.

“The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory,” according to the same advisory.

While no patch is yet available for the vulnerability, the full list of 318 potentially affected devices can be found here.

tags


Author



Right now

Top posts

Ultimate Privacy Guide for Your Facebook Account

Ultimate Privacy Guide for Your Facebook Account

August 31, 2021

6 min read
7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

August 27, 2021

2 min read
Your Netflix Account May Be on Sale on Darkweb. Protect It

Your Netflix Account May Be on Sale on Darkweb. Protect It

August 13, 2021

3 min read
E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Microsoft Drops Password Authentication for Most Products Microsoft Drops Password Authentication for Most Products
Silviu STAHIE

September 16, 2021

1 min read
Apple Rolls Out Urgent Patch for Zero-Day Flaws in iOS, macOS and watchOS Apple Rolls Out Urgent Patch for Zero-Day Flaws in iOS, macOS and watchOS
Filip TRUȚĂ

September 14, 2021

2 min read
WhatsApp Users Get Option to Encrypt Backups WhatsApp Users Get Option to Encrypt Backups
Silviu STAHIE

September 13, 2021

1 min read