On March 9 2017, Multiven informed you of severe security vulnerabilities affecting over300 different Cisco switch models that were part of the leaked CIA exploits disclosed by Wikileaks in the Vault 7 leaks.

When exploited, this vulnerability would allow a cyberattacker to remotely take full control (or cause the reload of your switches) of your network via a simple telnet connection and compromise all your data traversing it.

Find below a proof-of-concept Remote Code Exploitation of this defect:

Cisco Catalyst Remote Code Execution

Even though disabling Telnet is a workaround, if you have an affected switch model in your network, Multiven strongly advises that you upgrade to a software version with fixes for this vulnerability.

Accordingly, please contact Cisco and reference the advisory below to get your free fixes:

Cisco Security Advisory

If you are unsuccessful with getting Cisco to provide you the fixed software, please create a Multiven TAC Support Task with the title “Request Fix for Cisco DDTS CSCvd48893” and provide the serial numbers of all affected devices so Multiven can secure the fixes on your behalf.