Jump to content


Photo

A simple command allows the CIA to commandeer 318 models of Cisco ...


  • Please log in to reply
3 replies to this topic

#1 TheSentinel

TheSentinel

    The man in the dark

  • General Admin
  • 30,396 posts

Posted 20 March 2017 - 08:37 PM

A simple command allows the CIA to commandeer 318 models of Cisco switches
Bug relies on telnet protocol used by hardware on internal networks.

Dan Goodin - Mar 20, 2017 4:35 pm UTC

Cisco Systems said that more than 300 models of switches it sells contain a critical vulnerability that allows the CIA to use a simple command to remotely execute malicious code that takes full control of the devices. There currently is no fix.

See the complete artivle about at:
https://arstechnica....cisco-switches/

 

 



#2 TheSentinel

TheSentinel

    The man in the dark

  • General Admin
  • 30,396 posts

Posted 20 March 2017 - 08:40 PM

See in addition too:

 

Cisco Warns of Critical Vulnerability Revealed in ‘Vault 7’ Data Dump

by Tom Spring March 20, 2017 , 1:20 pm

Detailed info at:
https://threatpost.c...ta-dump/124414/

 



#3 TheSentinel

TheSentinel

    The man in the dark

  • General Admin
  • 30,396 posts

Posted 20 March 2017 - 08:42 PM

And another related article about at:

 

CIA Vault7 Leak – Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution flaw

March 20, 2017  By Pierluigi Paganini   Posted In  Breaking News  Hacking  

After the leak of the CIA Vault7 archive, experts from CISCO warn of Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution flaw.


http://securityaffai...cisco-flaw.html


#4 TheSentinel

TheSentinel

    The man in the dark

  • General Admin
  • 30,396 posts

Posted 08 April 2017 - 06:57 PM

Read in addition too:

 

WikiLeaks just dropped the CIA’s secret how-to for infecting Windows

Latest batch of documents details how CIA infects targets’ Windows-based computers.

Dan Goodin - 4/7/2017, 9:13 PM

WikiLeaks has published what it says is another batch of secret hacking manuals belonging to the US Central Intelligence Agency as part of its Vault7 series of leaks. The site is billing Vault7 as the largest publication of intelligence documents ever.

Read the whole article about at:
https://arstechnica....ecting-windows/