Following the WikiLeaks massive Vault 7 data leak, a new critical remote code vulnerability affecting 318 Cisco Systems switches has been revealed. While the data leak allegedly comes from the CIA, the vulnerability is very real, and Cisco has already issued an advisory for it.
The vulnerability involves the Cisco Cluster Management Protocol (CMP) that uses the Telnet protocol to accept and process malformed CMP-specific Telnet options. Consequently, an attacker could remotely dial into those switches and either cause a reload of the device or execute code running with elevated privileges.
Leave a reply