https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

Data Centers


Cisco Reveals Critical Vulnerability Found in WikiLeaks Vault 7 Docs

Cisco Reveals Critical Vulnerability Found in WikiLeaks’ ‘Vault 7’ Docs

  • Written by Aldrin Brown
  • March 23, 2017
The security hole - identified from a leak of secret C.I.A. cyber tools - could allow hackers to access the IOS and IOS XE software inside hundreds of models of Cisco routers and switches.

Cisco Systems said it has found a critical vulnerability affecting the IOS and IOS XE software inside hundreds of models of its routers and switches.

The security hole was discovered during an internal review by Cisco following this month’s “Vault 7” document dump by WikiLeaks, which detailed classified details of the C.I.A.’s cyber espionage toolkit.

Among the records were several hundred million lines of code that lay out the intelligence agency’s methods for hacking into computers, smart TVs, and Apple and Android smartphones.

“Based on the ‘Vault 7’ public disclosure, Cisco launched an investigation into the products that could potentially be impacted by these and similar exploits and vulnerabilities,” said a blog post by Omar Santos, a Cisco security engineer. “As part of the internal investigation of our own products and the publicly available information, Cisco security researchers found a vulnerability in the Cluster Management Protocol (CMP) code in Cisco IOS and Cisco IOS XE software that could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.”

Click here to view a full list of affected Cisco products.

Thus far there have been no reported attacks involving the flaw.

“The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory,” the security advisory said.

The WikiLeaks’ disclosure did not include complete instructions for creating cyber espionage tools and weapons.

Days after the dump, WikiLeaks announced that it would work with manufacturers of the affected hardware and software to fix the security flaws before releasing the full code publicly.

“After considering what we think is the best way to proceed and hearing these calls from some of the manufacturers, we have decided to work with them to give them exclusive access to additional technical details we have, so that fixes can be developed and pushed out,” WikiLeaks editor Julian Assange said during a news conference. “Once this material is effectively disarmed by us, we will publish additional details about what has been occurring.”

There was no immediate word on when — or whether — Cisco would work with WikiLeaks to obtain the technical information needed to patch the flaw.

“Since none of the tools and malware referenced in the initial Vault 7 disclosure have been made available by Wikileaks, the scope of action that can be taken by Cisco is limited,” security incident manager Dario Ciccarone wrote in a March 7 Cisco blog post. 

“An ongoing investigation and focused analysis of the areas of code that are alluded to in the disclosure is underway,” the post continued. “Until more information is available, there is little Cisco can do at this time from a vulnerability handling perspective.”

The Cisco problem takes advantage of the CMP’s use of Telnet internally as a “signaling and command protocol between cluster members,” Cisco’s advisory said.

The vulnerability stems from a combination of factors:

  • The failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device.
  • The incorrect processing of malformed CMP-specific Telnet options.

“An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections,” the advisory states.

It adds that Cisco will release software updates when available, and that there are no immediate workarounds.

“In terms of mitigations to consider, disabling the Telnet protocol as an allowed protocol for incoming connections would eliminate the exploit vector,” Santos’ blog states. “Disabling Telnet and using SSH is recommended by Cisco.”

The Cisco blog offers extensive information for hardening Cisco IOS devices and implementing infrastructure protection access control lists.   

 

Send tips and news to MSPmentorNews@Penton.com.

Tags: VARs/SIs Data Centers

Related


  • data migration
    The Right Data Migration Tool Helps Schools Move to Cloud During COVID Crisis
    Effective data migration tools enable schools to move to a secure cloud environment, making applications and content easier to access, as well as mitigating the risk of data loss.
  • Target group
    Stratus Technologies Targets VARs with New Partner Program
    Stratus offers two edge computing platforms.
  • Woman Thumbs Up
    HPE, Synnex Channel Execs Look Forward to Former Intel CTO Returning as CEO
    One Intel partner calls Gelsinger an industry veteran and visionary.
  • Managed migration
    D&H Extends Financing Terms to Help Partners Amid COVID-19
    Sales through this program increased approximately 85% in the past year to date, year over year.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • How the Channel Is Preparing for Brexit
  • Daunting Year Ahead: 12 Cybersecurity Predictions for 2021
  • AWS Still Chasing JEDI, Blasts Trump Administration Again
  • D&H Distributing Ramps Up and Formalizes Professional Services

Galleries

View all

New, Changing Partner Programs: AWS, Tech Data, Avaya, Verizon

January 11, 2021

Industry Perspectives

View all

The Importance of Being Security-Centric

January 22, 2021

Cyberattacks: Threat Hunters Conquer Unpredictability with 3 Measures

January 21, 2021

The Right Data Migration Tool Helps Schools Move to Cloud During COVID Crisis

January 19, 2021

Webinars

View all

Who’s Behind the Mask? Hacker Personas Explained

January 26, 2021

Your Network Perimeter Has Changed

February 18, 2021

How Managed Hosting Providers Thrive with the Alternative Cloud

February 24, 2021

White Papers

View all

Why Subscription Business Model

January 15, 2021

The Ultimate MSP Guide to Sales Efficiency

January 14, 2021

Eight Reasons Why MSPs Need IT Industry-Specific Sales Tools

January 14, 2021

Upcoming Events

View all

Channel Partners Virtual

March 2, 2021 - March 4, 2021

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

Following its acquisition of SAP specialist Pioneer B1, new @SapphireSystems GM reveals "buy and build" growth stra… twitter.com/i/web/status/1…

January 25, 2021
ChannelFutures

.@exabeam, @VulcanCyber, @ntti3, @Vectra_AI, @Lookout and @valtixinc give high marks to @POTUS' federal… twitter.com/i/web/status/1…

January 22, 2021
ChannelFutures

Judge sides with @AWScloud against #Parler; @SADAsystems gets AI-centric board member; @EnsonoIT, @navisite get… twitter.com/i/web/status/1…

January 22, 2021
ChannelFutures

2021 may be the year of the #security-centric #MSP @BarracudaMSP #remoteworking #ITsecurity #dataprotection #RMM… twitter.com/i/web/status/1…

January 22, 2021
ChannelFutures

Adding #AIOps and #AI-driven WANs will help IT administrators move forward, says @MistSystems.… twitter.com/i/web/status/1…

January 22, 2021
ChannelFutures

Microsoft taps @tybryson as corporate VP @msuspartner group @julwhite heading to SAP, @anderson to @Qualtrics.… twitter.com/i/web/status/1…

January 22, 2021
ChannelFutures

#MSPs can inject predictability into #threathunting @Sophos #cybersecurity #ransomware dlvr.it/Rr4ffV https://t.co/Bztc2Yxwvc

January 22, 2021
ChannelFutures

.@RiskBased report shows decrease in #databreaches, jump in exposed records in 2020. dlvr.it/Rr4fcW https://t.co/PYiDMiJFbt

January 22, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X