Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

Vault7 : Cisco Fixes CIA Exploits in Over 300 Different Switch Models

On March 9 2017, Multiven informed you of severe security vulnerabilities affecting over300 different Cisco switch models that were part of the leaked CIA exploits disclosed by Wikileaks in the Vault 7 leaks.

When exploited, this vulnerability would allow a cyberattacker to remotely take full control (or cause the reload of your switches) of your network via a simple telnet connection and compromise all your data traversing it.

Find below a proof-of-concept Remote Code Exploitation of this defect:

Cisco Catalyst Remote Code Execution

Even though disabling Telnet is a workaround, if you have an affected switch model in your network, Multiven strongly advises that you upgrade to a software version with fixes for this vulnerability.

Accordingly, please contact Cisco and reference the advisory below to get your free fixes:

Cisco Security Advisory

If you are unsuccessful with getting Cisco to provide you the fixed software, please create a Multiven TAC Support Task with the title “Request Fix for Cisco DDTS CSCvd48893” and provide the serial numbers of all affected devices so Multiven can secure the fixes on your behalf.

This post first appeared on A Blog About IT And Security, please read the originial post: here

Share the post

Vault7 : Cisco Fixes CIA Exploits in Over 300 Different Switch Models


Subscribe to A Blog About It And Security

Get updates delivered right to your inbox!

Thank you for your subscription