Slyck.com
 
Slyck Chatbox - And More

A Simple Command Allows The CIA To Commandeer 318 Models Of Cisco Switches

What's happening in the world of technology related to hardware. Please submit stories for this forum here.
Forum rules
PLEASE READ BEFORE POSTING: Slyck Forum Rules

A Simple Command Allows The CIA To Commandeer 318 Models Of Cisco Switches

Postby sunnyd » Mon Mar 20, 2017 12:27 pm

Story : https://arstechnica.com/security/2017/03/a-simple-command-allows-the-cia-to-comm





Cisco Systems said that more than 300 models of switches it sells contain a critical vulnerability that allows the CIA to use a simple command to remotely execute malicious code that takes full control of the devices. There currently is no fix.

Cisco researchers said they discovered the vulnerability as they analyzed a cache of documents that are believed to have been stolen from the CIA and published by WikiLeaks two weeks ago. The flaw, found in at least 318 switches, allows remote attackers to execute code that runs with elevated privileges, Cisco warned in an advisory published Friday. The bug resides in the Cisco Cluster Management Protocol (CMP), which uses the telnet protocol to deliver signals and commands on internal networks. It stems from a failure to restrict telnet options to local communications and the incorrect processing of malformed CMP-only telnet options.

"An attacker could exploit this vulnerability by sending malformed CMP-specific telnet options while establishing a telnet session with an affected Cisco device configured to accept telnet connections," the advisory stated. "An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device."

Compounding the risk, vulnerable switches will process CMP-specific telnet options by default, "even if no cluster configuration commands are present on the device configuration," the advisory warned. The vulnerability mostly affects Cisco Catalyst switches but is also found in Industrial Ethernet switches and embedded services. Cisco plans to release a fix at an unspecified data.







Follow Slyck on Twitter @SlyckDotCom
Join Slyck's Facebook Fan Page
User avatar
sunnyd
 
Posts: 30027
Joined: Mon Jan 21, 2008 2:34 pm

Return to Tech/Hardware News

Who is online

Users browsing this forum: No registered users and 2 guests

© 2001-2008 Slyck.com