Sunday, Apr 28 2024 | Updated at 03:37 AM EDT

Stay Connected With Us F T R

Mar 20, 2017 12:55 PM EDT By , UniversityHerald Reporter

Cisco found a bug in over 300 switch models on the Wikileaks' disclosed Vault7. These 300 Borg switches can potentially put IOS Telnet at risk.

The American technology conglomerate has combed WikiLeaks' Vault 7 itself and found that there's a bug on the IOS or Internetwork Operating system and IOS XE in over 300 of the switch models, The Register reported.

The bug affects users in two manners: it doesn't restrict local communications to CMP-specific Telnet and processes commands on Telnet connection to an affected device, and incorrectly processed malformed CMP-specific Telnet options.

Cisco discovered 264 Catalyst switches and over 50 industrial Ethernet switches in the CIA cache that WikiLeaks divulged to the public. It also includes Embedded Service 2020 switches, SM-X Layer 2/3 EtherSwitch Service Module, and Cisco RF Gateway.

Now Cisco wants Telnet disabled until they patch, CSO reported. Cisco found that this serious flaw could put the switches open and vulnerable to hackers.

In line with that the company is recommending that users who are affected with the 300 switches disable their Telnet and use SSH instead. This will prevent hackers from attempting to exploit the vulnerability of the IOS and IOS XE.

If Telnet disabling does not work, Cisco recommends that users implement iACLs to lower the attack surface. Cisco explained that the vulnerability can only be exploited through the Telnet and a session established with the device. The bug lies in the affected devices' default configuration.

The bad news is CIA has been aware of this for an undetermined amount of time. The Central Intelligence Agency is aware that the bug allows a remote attacker to execute codes or to reload a targeted device.

There are no reports regarding Cisco being aware that the exploits are using the flaw. If it is, there are hundreds of thousands of devices installed all over the world and it's been at the CIA's mercy for an unknown period of time.

See Now: Covert Team Inside Newsweek Revealed as Key Players in False Human Trafficking Lawsuit

Follows wikileaks, Cisco, Vault 7, CIA, Telnet
© 2024 University Herald, All rights reserved. Do not reproduce without permission.

Must Read

Common Challenges for College Students: How to Overcome Them

Oct 17, 2022 PM EDTFor most people, college is a phenomenal experience. However, while higher education offers benefits, it can also come with a number of challenges to ...

Top 5 Best Resources for Math Students

Oct 17, 2022 AM EDTMath is a subject that needs to be tackled differently than any other class, so you'll need the right tools and resources to master it. So here are 5 ...

Why Taking a DNA Test is Vital Before Starting a Family

Oct 12, 2022 PM EDTIf you're considering starting a family, this is an exciting time! There are no doubt a million things running through your head right now, from ...

By Enabling The Use Of Second-Hand Technology, Alloallo Scutter It's Growth While Being Economically And Environmentally Friendly.

Oct 11, 2022 PM EDTBrands are being forced to prioritise customer lifetime value and foster brand loyalty as return on advertising investment plummets. Several brands, ...