HackDig : Dig high-quality web security articles for hacker

Cisco IOS Software is affected by RCE flaws that could allow full hack of the devices

2017-06-30 23:15

Experts at CISCO discovered severe remote code execution vulnerabilities in Cisco IOS Software while conducting internal testing.

Cisco warned users of serious vulnerabilities in IOS software that can be exploited by authenticated, remote attackers for code execution and denial-of-service (DoS) attacks. Experts at CISCO discovered the vulnerabilities while conducting internal testing.

“The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities.” states the advisory published by CISCO.

The experts warned of nine flaws affecting the Simple Network Management Protocol (SNMP) component of IOS and IOS XE software.

The flaws are due to a buffer overflow condition in the SNMP subsystem, all versions of SNMP – Versions 1, 2c, and 3 are affected.

Cisco IOS Software

As reported by the advisory, an authenticated attacker who knows the SNMP read-only community string of a target system could remotely execute code or cause the device to reload by sending a specially crafted SNMP packet via IPv4 or IPv6.

“To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload.” continues the advisory.

The attack is very dangerous because hackers could obtain full control of vulnerable devices and the worst news is that CISCO warned customers that attackers in the wild know about the vulnerabilities and can exploit them in any moment.

Devices configured with any of the following MIBs are vulnerable:

  • ADSL-LINE-MIB
  • ALPS-MIB
  • CISCO-ADSL-DMT-LINE-MIB
  • CISCO-BSTUN-MIB
  • CISCO-MAC-AUTH-BYPASS-MIB
  • CISCO-SLB-EXT-MIB
  • CISCO-VOICE-DNIS-MIB
  • CISCO-VOICE-NUMBER-EXPANSION-MIB
  • TN3270E-RT-MIB

Waiting for a fix, users can apply workarounds suggested by the company.

Pierluigi Paganini

(Security Affairs – Cisco IOS Software, hacking)

The post Cisco IOS Software is affected by RCE flaws that could allow full hack of the devices appeared first on Security Affairs.


Source: lmth.swalf-erawtfos-soi-ocsic/gnikcah/07506/sserpdrow/oc.sriaffaytiruces

Read:1618 | Comments:0 | Tags:Breaking News Hacking CISCO Cisco IOS Software iOS SNMP IOS

“Cisco IOS Software is affected by RCE flaws that could allow full hack of the devices”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud