March 23, 2017
Cisco’s internal investigator has led to a new information that might caught the company in a whirlpool; a new vulnerability was diagnosed in the Cluster Management protocol code for Cisco IOS and IOS XE that could lead to two remote execution issues on dozens of Cisco products running that software.
Cisco partners are already pairing up with the organization to advice the customers on how to bypass a critical security vulnerability affecting more than 300 routers and switches as Wikileaks confirmed the news after exposing CIA documents. The founding reports that the Cluster Management protocol was processing code as- unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.
"I have a call with one of our top customers in a few minutes and it will be the first topic of conversation," said Venero. "This is a vulnerability that puts some of the biggest corporations and government agencies at risk."
But the company believes, and we don’t disagree that these inexorable pitfall are rising because it failed to restrict the use of CMP-specific Telnet options to internal, local communications, between cluster members only, and instead accepted and processed such options over any Telnet connection to an affected device and the incorrect processing of malformed CMP-specific telnet options.
“An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device,” a company’s advisory warned about it.
No wonder, Cisco is under deep neck problems, but the company has future endeavor to release updates of dealing and alleviating with the problems.
Sooner or later, Cisco is going to hunt the malware down from affecting.