#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

cisco switch | Breaking Cybersecurity News | The Hacker News

Category — cisco switch
5 High Impact Flaws Affect Cisco Routers, Switches, IP Phones and Cameras

5 High Impact Flaws Affect Cisco Routers, Switches, IP Phones and Cameras

Feb 05, 2020
Several Cisco-manufactured network equipments have been found vulnerable to five new security vulnerabilities that could allow hackers to take complete control over them, and subsequently, over the enterprise networks they power. Four of the five high-severity bugs are remote code execution issues affecting Cisco routers, switches, and IP cameras, whereas the fifth vulnerability is a denial-of-service issue affecting Cisco IP phones. Collectively dubbed ' CDPwn ,' the reported vulnerabilities reside in the various implementations of the Cisco Discovery Protocol (CDP) that comes enabled by default on virtually all Cisco devices and can not be turned OFF. Cisco Discovery Protocol (CDP) is an administrative protocol that works at Layer 2 of the Internet Protocol (IP) stack. The protocol has been designed to let devices discover information about other locally attached Cisco equipment in the same network. According to a report Armis research team shared with The Hacker N...
Flaw Affecting Millions of Cisco Devices Let Attackers Implant Persistent Backdoor

Flaw Affecting Millions of Cisco Devices Let Attackers Implant Persistent Backdoor

May 14, 2019
Researchers have discovered a severe vulnerability in Cisco products that could allow attackers to implant persistent backdoor on wide range devices used in enterprises and government networks, including routers, switches, and firewalls. Dubbed Thrangrycat or 😾😾😾, the vulnerability, discovered by researchers from the security firm Red Balloon and identified as CVE-2019-1649, affects multiple Cisco products that support Trust Anchor module (TAm). Trust Anchor module (TAm) is a hardware-based Secure Boot functionality implemented in almost all of Cisco enterprise devices since 2013 that ensures the firmware running on hardware platforms is authentic and unmodified. However, researchers found a series of hardware design flaws that could allow an authenticated attacker to make the persistent modification to the Trust Anchor module via FPGA bitstream modification and load the malicious bootloader. "An attacker with root privileges on the device can modify the contents of...
Want to Grow Vulnerability Management into Exposure Management? Start Here!

Want to Grow Vulnerability Management into Exposure Management? Start Here!

Dec 05, 2024Attack Surface / Exposure Management
Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...
Critical flaw leaves thousands of Cisco Switches vulnerable to remote hacking

Critical flaw leaves thousands of Cisco Switches vulnerable to remote hacking

Apr 04, 2018
Security researchers at Embedi have disclosed a critical vulnerability in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to execute arbitrary code, take full control over the vulnerable network equipment and intercept traffic. The stack-based buffer overflow vulnerability (CVE-2018-0171) resides due to improper validation of packet data in Smart Install Client, a plug-and-play configuration and image-management feature that helps administrators to deploy (client) network switches easily. Embedi has published technical details and Proof-of-Concept (PoC) code after Cisco today released patch updates to address this remote code execution vulnerability, which has been given a base Common Vulnerability Scoring System (CVSS) score of 9.8 (critical). Researchers found a total of 8.5 million devices with the vulnerable port open on the Internet, leaving approximately 250,000 unpatched devices open to hackers. To exploit this vu...
cyber security

Innovate Securely: Top Strategies to Harmonize AppSec and R&D Teams

websiteBackslashApplication Security
Tackle common challenges to make security and innovation work seamlessly.
Cisco Finally Patches 0-Day Exploit Disclosed In Wikileaks-CIA Leak

Cisco Finally Patches 0-Day Exploit Disclosed In Wikileaks-CIA Leak

May 10, 2017
Cisco Systems has finally released an update for its IOS and IOS XE software to address a critical vulnerability, disclosed nearly two months back in the CIA Vault 7 leak , that affects more than 300 of its switch models. The company identified the vulnerability in its product while analyzing "Vault 7" dump — thousands of documents and files leaked by Wikileaks, claiming to detail hacking tools and tactics of the U.S. Central Intelligence Agency (CIA). As previously reported , the vulnerability (CVE-2017-3881) resides in the Cluster Management Protocol (CMP) — which uses Telnet or SSH to deliver signals and commands on internal networks — in Cisco IOS and Cisco IOS XE Software. The vulnerability can be exploited remotely by sending "malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections," researchers say. The company warned users on April 10 that an exploit targeting...
Disable TELNET! Cisco finds 0-Day in CIA Dump affecting over 300 Network Switch Models

Disable TELNET! Cisco finds 0-Day in CIA Dump affecting over 300 Network Switch Models

Mar 20, 2017
Cisco is warning of a new critical zero-day IOS / IOS XE vulnerability that affects more than 300 of its switch models. The company identified this highest level of vulnerability in its product while analyzing " Vault 7 " — a roughly 8,761 documents and files leaked by Wikileaks last week, claiming to detail hacking tools and tactics of the Central Intelligence Agency (CIA). The vulnerability resides in the Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software. If exploited, the flaw ( CVE-2017-3881 ) could allow an unauthenticated, remote attacker to cause a reboot of an affected device or remotely execute malicious code on the device with elevated privileges to take full control of the device, Cisco says in its  advisory . The CMP protocol has been designed to pass around information about switch clusters between cluster members using Telnet or SSH. The vulnerability is in the default configuration of affected Cisco devices,...
Expert Insights / Articles Videos
Cybersecurity Resources