Cyber Security News (5th April 2018)

  1. Critical flaw leaves thousands of Cisco Switches vulnerable to remote hacking

Cisco switches are the networking device which are used to connects devices together on a computer network by using packet switching to receive, process, and forward data to the destination device . According to the latest report the Security researchers at Embedi have disclosed a critical vulnerability in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to execute arbitrary code, take full control over the vulnerable network equipment and intercept traffic. The stack-based buffer overflow vulnerability (CVE-2018-0171) resides due to improper validation of packet data in Smart Install Client, a plug-and-play configuration and image-management feature that helps administrators to deploy (client) network switches easily. According to the researcher the device found a total of 8.5 million with the vulnerable port open on the Internet, leaving approximately 250,000 unpatched devices open to hackers.

Affected Hardware and Software: The affected devices are

Catalyst 4500 Supervisor Engines

Catalyst 3850 Series

Catalyst 3750 Series

Catalyst 3650 Series

Catalyst 3560 Series

Catalyst 2960 Series

Catalyst 2975 Series

IE 2000

IE 3000

IE 3010

IE 4000

IE 4010

IE 5000

SM-ES2 SKUs

SM-ES3 SKUs

NME-16ES-1G-P

SM-X-ES3 SKUs

Cyber Security Tips:  Users and administrators are strongly recommended that install free software updates to address the issue as soon as possible.

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: