Due to flaw, the CIA can take over 318 Cisco switch models
MANILA, Philippines – Cisco Systems revealed last week that the US Central Intelligence Agency (CIA) can quickly access and command around 318 types of Cisco network switches. These switches have a critical vulnerability that can be taken advantage of to fire off malicious code and gain control over the switches.
Revealed via an advisory on Friday, March 17, there is currently no fix to the critical vulnerability.
Switches are used to manage networked devices, allowing a group of networked devices to "talk to each other" and share resources.
Ars Technica added Cisco researchers found the vulnerability after analyzing leaked documents from the CIA that were released by Wikileaks. Cisco Systems is one of the the first major electronics manufacturers to warn of exploits discussed in the Wikileaks' CIA documents, called Vault 7. (Read: WikiLeaks: CIA can hack your TV, car, and chat apps)
According to Cisco's researchers, the vulnerability within Cisco's Cluster Management Protocol (CMP) is due to two factors: the failure to restrict Telnet options to internal, local communications and the incorrect processing of malformed CMP-only Telnet options.
Cisco explained, "An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device."
The vulnerability's threat can be diminished if the devices are configured to accept incoming Telnet connections.
Cisco will be releasing a software update to address the vulnerability, though no workarounds or fixes currently exist to address the issue.
A list of affected products is available via this page. – Rappler.com