Cisco Flaws Discovered

Cisco Flaws Discovered On Hardware Products As Well As Cisco Software

Target: Networking devices which have not rolled out Cisco patches, unpatched Cisco consumer software

Attack Vector: Exploitation of numerous detailed vulnerabilities

Summary: American industrial automation and information products supplier Rockwell Automation has recently disclosed the existence of a number of flaws within a range of switches they produce. Upon investigation, they discovered the actual flaw was due to the switches' use of Cisco software, which allows secure communications with enterprise networks; thus the vulnerabilities reside within Cisco's software.

Although these flaws were found on a specific router, they are due to the software the routers rely on and are therefore relevant to any routers which utilise Cisco software. Furthermore, three other flaws have been reported in Cisco client products which open up further attack vectors.

Risk assessment summary: The threat is assessed as 3d MODERATE. Whilst the threat to some Rockwell devices has been mitigated with patching, it will take time to roll out across enterprise networks. The flaws still present a danger given that some of these vulnerabilities, CVE-2018-0171 in particular, have proved a popular attack vector and carry a high risk, with the ability to cause downtime on a system. Further vulnerabilities, such as CVE-2018-0151, have the potential to cause damage to an organisation through the opportunity they provide to leak data, further increasing the risk.

In addition, it is probable we will find other routers which have similar vulnerabilities, as they are also dependent on Cisco software. However, these devices will also have updates available; it is simply down to the organisation to roll out the patches Cisco supply. Furthermore, the risk of attack for Cisco products is reduced if all patches have been applied.

Cisco vulnerabilities

Critical vulnerabilities on Cisco devices

Target: Systems using unpatched Cisco software

Attack Vector: 3 separate critical vulnerabilities

Summary: Over the Easter break, multiple vulnerabilities were found on Cisco devices, placing millions of devices at risk. 34 vulnerabilities in total and 17 critical vulnerabilities have been discovered. The three most severe are two flaws which could allow for a Denial of Service (DoS) to take place, CVE-2018-0171 and CVE-2018-0151, and one which allows unauthorised access via hardcoded default credentials, CVE-2018-0150.

Risk assessment summary: The threat is assessed as 3c MODERATE. The three vulnerabilities discussed are all of a critical nature, with two allowing an opportunity for a DoS attack and the third allowing sensitive devices to be compromised. In addition, authentication is not required for a threat actor to carry out these exploits. However, due to the availability of patching, along with workarounds for some of the vulnerabilities, these are issues which will become much rarer and more difficult to exploit.