The Vault 7 revelation by Wikileaks brought to light the plethora of vulnerabilities in various devices that the CIA can leverage while performing hacking activities. Various companies including Apple and Google confirmed that they’ve fixed the bugs exposed in the CIA data leak. But it appears the dark clouds are still over the roofs of Cisco Systems.
The researchers at Cisco have found a critical vulnerability (CVE-2017-3881) in more than 300 models of their switches. The bug can allow potential hackers and agencies like CIA to take full control of the switches remotely.
According to an advisory, the bug rests on the Cisco Cluster Management Protocol (CMP) and allows an attacker to perform remote code execution with elevated privileges. CMP uses the telnet protocol as a means of signaling and sending commands on internal networks.
Cisco says the vulnerability arises out of the failure to limit the use of telnet options for local communications between clusters. Also, due to the incorrect processing of malformed CMP-specific telnet options.
According to the advisory, there is “no workaround for the vulnerability, ” and the company will be pushing software updates in the future. However, it only exists when the affected device is configured to accept incoming telnet connections. So, as a countermeasure, Cisco suggests disabling telnet for incoming connections with the help of the following instructions. The use of SSH protocol has been recommended.
Submitted by: Arnfried Walbrecht