Mar 20, 2017 12:55 PM EDT
Cisco Combs WikiLeaks’ Vault 7 and Finds Bug on 300 Switch Models Affecting Multitudes of Users; Here’s What You Can Do About It
Cisco found a bug affecting over 300 switch models while reviewing WikiLeaks' Vault 7 disclosure. These 300 Cisco switches are potentially at risk through IOS Telnet.
The American technology conglomerate combed through WikiLeaks' Vault 7 itself and found a bug in IOS (Internetwork Operating System) and IOS XE on over 300 of its switch models, The Register reported.
The bug comes down to two factors: the device does not restrict CMP-specific Telnet options to local communications and instead processes them on any Telnet connection to an affected device, and it incorrectly processes malformed CMP-specific Telnet options.
Cisco discovered 264 Catalyst switches and over 50 industrial Ethernet switches in the CIA cache that WikiLeaks divulged to the public. The list also includes Embedded Service 2020 switches, the SM-X Layer 2/3 EtherSwitch Service Module, and the Cisco RF Gateway.
Now Cisco wants Telnet disabled until it releases a patch, CSO reported. Cisco found that this serious flaw could leave the switches open and vulnerable to hackers.
In line with that, the company recommends that users of the 300 affected switches disable Telnet and use SSH instead. This will prevent hackers from attempting to exploit the vulnerability in IOS and IOS XE.
If disabling Telnet is not possible, Cisco recommends that users implement infrastructure access control lists (iACLs) to reduce the attack surface. Cisco explained that the vulnerability can only be exploited through a Telnet session established with the device. The bug is present in the affected devices' default configuration.
The bad news is that the CIA has been aware of this for an undetermined amount of time. The Central Intelligence Agency is aware that the bug allows a remote attacker to execute code or to reload a targeted device.
There are no reports that Cisco is aware of exploits using the flaw. If there are any, hundreds of thousands of devices installed all over the world have been at the CIA's mercy for an unknown period of time.