
Major security breach at Cisco

March 21, 2017.


Cisco headquarters, San Jose, California. Photo © iStock.

Cisco Systems revealed that more than 300 of its Ethernet switch models have a critical vulnerability that permits the CIA to use a simple instruction to remotely execute malware and take over targeted devices. On Friday, Cisco said in a release that the loophole allowed attackers to remotely execute code with elevated privileges. While there is currently no fix available, Cisco provided instructions for turning off Telnet as an allowed protocol for incoming connections, which eliminates the threat. Users of Cisco switches who do not wish to turn off Telnet can reduce their risk by using an access control list to limit the number of devices allowed to send and receive Telnet instructions. Cisco is the first major manufacturer to admit that its products are indeed vulnerable to the type of attack described in Vault 7, the name given by WikiLeaks to thousands of pages of documents obtained from the Central Intelligence Agency (CIA). In these documents, which appear to be part of an internal wiki, employees discuss exploitable security loopholes in products from Apple, Microsoft, Samsung, Cisco and others.
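To check a switch against the Telnet mitigation described above, the following added example (not from Cisco or from the original article) audits the `line vty` blocks of a saved IOS-style configuration and reports where Telnet is still accepted and whether an access list restricts it. The sample configuration, the ACL name `MGMT-HOSTS` and the finding labels are constructed for illustration; a block with no `transport input` line is reported as `UNSET` because the default is assumed to vary by software release.

```python
import re

# Constructed sample running-config, not taken from any real device.
SAMPLE_CONFIG = """\
hostname sw-example
ip access-list standard MGMT-HOSTS
 permit 192.0.2.10
line con 0
line vty 0 4
 transport input telnet ssh
line vty 5 15
 access-class MGMT-HOSTS in
 transport input telnet
line vty 16 31
 transport input ssh
end
"""

def audit_vty(config):
    """Map each 'line vty' range in an IOS-style config to a Telnet finding."""
    blocks, current = {}, None
    for raw in config.splitlines():
        header = re.match(r"line vty (\d+)(?: (\d+))?\s*$", raw)
        if header:
            first, last = header.group(1), header.group(2) or header.group(1)
            current = blocks.setdefault(f"{first}-{last}", {"transport": None, "acl": None})
            continue
        if not raw.startswith(" "):
            current = None          # any unindented line ends the vty block
            continue
        words = raw.split()
        if current is None or not words:
            continue
        if words[:2] == ["transport", "input"]:
            current["transport"] = set(words[2:])
        elif words[0] == "access-class" and "in" in words[2:]:
            current["acl"] = words[1]   # inbound ACL limiting who may connect
    return {rng: classify(b["transport"], b["acl"]) for rng, b in blocks.items()}

def classify(transport, acl):
    if transport is None:
        return "UNSET"              # assumption: default varies by release, review by hand
    if transport & {"telnet", "all"}:
        return "TELNET_ACL_RESTRICTED" if acl else "TELNET_OPEN"
    return "TELNET_OFF"

if __name__ == "__main__":
    for rng, finding in audit_vty(SAMPLE_CONFIG).items():
        print(f"line vty {rng}: {finding}")
```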

Ars Technica, “A simple command allows the CIA to commandeer 318 models of Cisco switches.”

Ars Technica, “WikiLeaks publishes docs from what it says is trove of CIA hacking tools.”