Cisco Flaws Discovered On Hardware Products As Well As Cisco Software
Target: Networking devices which have not rolled out Cisco patches, unpatched Cisco consumer software
Attack Vector: Exploitation of numerous detailed vulnerabilities
Summary: American industrial automation and information products supplier Rockwell Automation has recently disclosed the existence of a number of flaws within a range of switches they produce. Upon investigation, they discovered the actual flaw was due to the switches use of Cisco software which allows secure communications with enterprise networks, thus the vulnerability’s reside within Cisco’s software.
These flaws, while on a specific router are due to the software the routers rely on, are relevant to any routers which utilise Cisco software. Furthermore, three other flaws have been reported in Cisco client products which open up further attack vectors.
Risk assessment summary: The threat is assessed as 3d MODERATE. Whist the threat to some Rockwell devices has been mitigated with patching, it will take time to roll out across enterprise networks. They still present a danger given some of these vulnerabilities, CVE-2018-0171 in particular, has proved a popular attack vector and carries a high risk with the ability to cause downtime on a system. Further vulnerabilities, such as CVE-2018-0151, have the potential to cause damage to an organisation with the opportunity they provide to leak data, further increasing the risk.
In addition, it is probable we will find other routers which have similar vulnerabilities as they are also dependent on Cisco software. However, these devices will also have updates available, it is simply down to the organisation to roll out the patches Cisco supply. Furthermore, the risk of attack for Cisco products is reduced if all patches have been applied.