#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

cisco switch | Breaking Cybersecurity News | The Hacker News

Category — cisco switch
5 High Impact Flaws Affect Cisco Routers, Switches, IP Phones and Cameras

5 High Impact Flaws Affect Cisco Routers, Switches, IP Phones and Cameras

Feb 05, 2020
Several Cisco-manufactured network equipments have been found vulnerable to five new security vulnerabilities that could allow hackers to take complete control over them, and subsequently, over the enterprise networks they power. Four of the five high-severity bugs are remote code execution issues affecting Cisco routers, switches, and IP cameras, whereas the fifth vulnerability is a denial-of-service issue affecting Cisco IP phones. Collectively dubbed ' CDPwn ,' the reported vulnerabilities reside in the various implementations of the Cisco Discovery Protocol (CDP) that comes enabled by default on virtually all Cisco devices and can not be turned OFF. Cisco Discovery Protocol (CDP) is an administrative protocol that works at Layer 2 of the Internet Protocol (IP) stack. The protocol has been designed to let devices discover information about other locally attached Cisco equipment in the same network. According to a report Armis research team shared with The Hacker N...
Flaw Affecting Millions of Cisco Devices Let Attackers Implant Persistent Backdoor

Flaw Affecting Millions of Cisco Devices Let Attackers Implant Persistent Backdoor

May 14, 2019
Researchers have discovered a severe vulnerability in Cisco products that could allow attackers to implant persistent backdoor on wide range devices used in enterprises and government networks, including routers, switches, and firewalls. Dubbed Thrangrycat or 😾😾😾, the vulnerability, discovered by researchers from the security firm Red Balloon and identified as CVE-2019-1649, affects multiple Cisco products that support Trust Anchor module (TAm). Trust Anchor module (TAm) is a hardware-based Secure Boot functionality implemented in almost all of Cisco enterprise devices since 2013 that ensures the firmware running on hardware platforms is authentic and unmodified. However, researchers found a series of hardware design flaws that could allow an authenticated attacker to make the persistent modification to the Trust Anchor module via FPGA bitstream modification and load the malicious bootloader. "An attacker with root privileges on the device can modify the contents of...
The $10 Cyber Threat Responsible for the Biggest Breaches of 2024

The $10 Cyber Threat Responsible for the Biggest Breaches of 2024

Jan 16, 2025Identity Protection / SaaS Security
You can tell the story of the current state of stolen credential-based attacks in three numbers: Stolen credentials were the #1 attacker action in 2023/24, and the breach vector for 80% of web app attacks . (Source: Verizon). Cybersecurity budgets grew again in 2024, with organizations now spending almost $1,100 per user (Source: Forrester).  Stolen credentials on criminal forums cost as little as $10 (Source: Verizon). Something doesn't add up. So, what's going on? In this article, we'll cover: What's contributing to the huge rise in account compromises linked to stolen creds and why existing approaches aren't working.  The world of murky intelligence on stolen credentials, and how to cut through the noise to find the true positives. Recommendations for security teams to stop attackers from using stolen creds to achieve account takeover. Stolen credential-based attacks are on the rise There's clear evidence that identity attacks are now the #1 cyber threat f...
Critical flaw leaves thousands of Cisco Switches vulnerable to remote hacking

Critical flaw leaves thousands of Cisco Switches vulnerable to remote hacking

Apr 04, 2018
Security researchers at Embedi have disclosed a critical vulnerability in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to execute arbitrary code, take full control over the vulnerable network equipment and intercept traffic. The stack-based buffer overflow vulnerability (CVE-2018-0171) resides due to improper validation of packet data in Smart Install Client, a plug-and-play configuration and image-management feature that helps administrators to deploy (client) network switches easily. Embedi has published technical details and Proof-of-Concept (PoC) code after Cisco today released patch updates to address this remote code execution vulnerability, which has been given a base Common Vulnerability Scoring System (CVSS) score of 9.8 (critical). Researchers found a total of 8.5 million devices with the vulnerable port open on the Internet, leaving approximately 250,000 unpatched devices open to hackers. To exploit this vu...
cyber security

2024: A year of identity attacks | Get the new ebook

websitePush SecurityIdentity Security
Identity attacks were the leading cause of breaches in 2024. Learn how tooling and techniques are evolving.
Cisco Finally Patches 0-Day Exploit Disclosed In Wikileaks-CIA Leak

Cisco Finally Patches 0-Day Exploit Disclosed In Wikileaks-CIA Leak

May 10, 2017
Cisco Systems has finally released an update for its IOS and IOS XE software to address a critical vulnerability, disclosed nearly two months back in the CIA Vault 7 leak , that affects more than 300 of its switch models. The company identified the vulnerability in its product while analyzing "Vault 7" dump — thousands of documents and files leaked by Wikileaks, claiming to detail hacking tools and tactics of the U.S. Central Intelligence Agency (CIA). As previously reported , the vulnerability (CVE-2017-3881) resides in the Cluster Management Protocol (CMP) — which uses Telnet or SSH to deliver signals and commands on internal networks — in Cisco IOS and Cisco IOS XE Software. The vulnerability can be exploited remotely by sending "malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections," researchers say. The company warned users on April 10 that an exploit targeting...
Disable TELNET! Cisco finds 0-Day in CIA Dump affecting over 300 Network Switch Models

Disable TELNET! Cisco finds 0-Day in CIA Dump affecting over 300 Network Switch Models

Mar 20, 2017
Cisco is warning of a new critical zero-day IOS / IOS XE vulnerability that affects more than 300 of its switch models. The company identified this highest level of vulnerability in its product while analyzing " Vault 7 " — a roughly 8,761 documents and files leaked by Wikileaks last week, claiming to detail hacking tools and tactics of the Central Intelligence Agency (CIA). The vulnerability resides in the Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software. If exploited, the flaw ( CVE-2017-3881 ) could allow an unauthenticated, remote attacker to cause a reboot of an affected device or remotely execute malicious code on the device with elevated privileges to take full control of the device, Cisco says in its  advisory . The CMP protocol has been designed to pass around information about switch clusters between cluster members using Telnet or SSH. The vulnerability is in the default configuration of affected Cisco devices,...
Expert Insights / Articles Videos
Cybersecurity Resources