Attackers Exploit Cisco Switch Issue as Vendor Warns of Yet Another Critical Flaw
Cisco is urging organizations to immediately address a critical flaw in its network switches running IOS and IOS XE software amid reports of widespread attacks against the devices in several countries.
Cisco described the flaw — first disclosed March 29 by Embedi — as an issue that could allow an unauthenticated remote attacker to trigger a denial-of-service condition or to execute code of their choice on an affected device. Emedi on March 29 claimed it had found some 250,000 network devices that were vulnerable to the issue.
The RCE flaw is separate from a protocol misuse issue also related to the Smart Install function that Cisco first issued an advisory about on Feb 14, 2017 and has updated a couple of times. It is apparently the protocol misuse issue that attackers have been exploiting in the recent attacks, not the RCE flaw.
However, Cisco has urged organizations to address both issues immediately, citing widespread and ongoing attacks against its switches in multiple countries. "While we have only observed attacks leveraging the protocol misuse issue, recently, another vulnerability in the Cisco Smart Install Client was disclosed and patched," the company said in a blog. "While mitigating the protocol misuse issue, customers should also address this vulnerability."
'Don't mess with our elections'
Reuters over the weekend reported that some 200,000 Cisco switches had been compromised in attacks in multiple countries. Among those impacted were data centers and ISPs in Iran and Russia where the attackers displayed a US flag on the screens of compromised systems with the message, "Don't mess with our elections."
IRNA, Iran's official news agency said the attacks impacted at least 3,500 routers in the country. The agency quoted cybersecurity officials within the country as saying that attackers had tampered with configuration settings on the devices to cause systems to become unavailable.
Recommended For You
Managing device performance and securing IoT on enterprise networks requires a more comprehensive approach than conventional BYOD infrastructure management delivers.
It’s time to check your computer network because the bane of many a digital security professional’s existence has returned!
Network security is complex and challenging. If you want to strengthen your network security, never follow these four tips.
In the case of cloud-deployed systems that have exposed our data, that silver lining is that we know more about where and how these breaches occur.
IT and security teams must work together to ensure a company’s entire infrastructure is protected, regardless if workloads are run on-premises or in the cloud.