
Remote Code Execution Vulnerability Affecting 318 Cisco Switches

Liviu ARSENE

March 21, 2017


Following WikiLeaks' massive Vault 7 data leak, a new critical remote code execution vulnerability affecting 318 Cisco Systems switches has been revealed. While the data leak allegedly comes from the CIA, the vulnerability is very real, and Cisco has already issued an advisory for it.

The vulnerability lies in how the Cisco Cluster Management Protocol (CMP), which uses the Telnet protocol, accepts and processes malformed CMP-specific Telnet options. Consequently, an attacker could connect remotely to those switches and either cause a reload of the device or execute code running with elevated privileges.

“An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections,” reads the Cisco Advisory. “An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device.”

The vulnerability is reportedly only exposed when the device is configured to accept any incoming Telnet connections, rather than only those from internal cluster members, and Cisco does mention that changing or disabling this setting could reduce the risk of compromise. However, the CVE-2017-3881 advisory states that there are currently “no workarounds available” and that any Telnet session triggered over IPv4 or IPv6 can be exploited.
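As an added example (not from this article or from Cisco's advisory), the following Python script audits a saved IOS-style running-config for VTY lines that still accept Telnet, the exposure condition described above. The sample config is constructed, and reporting a block with no `transport input` line as "unspecified" is an assumption, since the default differs between software releases and has to be checked on the device.

```python
# Constructed sample running-config excerpt (not from a real device).
SAMPLE_CONFIG = """\
hostname sw-access-01
!
line con 0
line vty 0 4
 access-class 10 in
 transport input telnet ssh
line vty 5 15
 transport input ssh
line vty 16 31
 login local
!
end
"""


def audit_vty(config_text):
    """Return one finding per 'line vty' block in an IOS-style config."""
    findings, current = [], None
    for raw in config_text.splitlines():
        if raw.startswith("line vty"):
            current = {"line": raw.strip(), "telnet": "unspecified",
                       "access_class": False}
            findings.append(current)
        elif current is not None and raw[:1] == " ":
            words = raw.split()
            if words[:2] == ["transport", "input"]:
                protos = set(words[2:])
                # 'all' also enables Telnet; 'ssh' or 'none' alone do not.
                current["telnet"] = ("allowed" if protos & {"telnet", "all"}
                                     else "blocked")
            elif words[:1] == ["access-class"] and "in" in words[2:]:
                current["access_class"] = True  # inbound ACL on this block
        else:
            current = None  # any non-indented line ends the vty block
    return findings


def needs_attention(findings):
    """VTY blocks where Telnet is allowed or not explicitly restricted."""
    return [f["line"] for f in findings if f["telnet"] != "blocked"]


if __name__ == "__main__":
    for f in audit_vty(SAMPLE_CONFIG):
        print(f)
```

An inbound `access-class` narrows who can reach Telnet but does not disable it, so the script reports it as a separate field rather than treating the block as safe.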

“The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory,” according to the same advisory.

While no patch is yet available for the vulnerability, the full list of 318 potentially affected devices can be found here.
