It is currently 26-09-2017 15:40

Cisco has acknowledged the vulnerability in the software IOS, IOS XE and IOS XR

Cisco has acknowledged the vulnerability in the software IOS, IOS XE and IOS XR

by sigismund » 2016-09-20 12:43:00


Vulnerability exploited by a tool BENIGNCERTAIN, is not limited to Cisco PIX, but also on products based on IOS, IOS XE and IOS XR.


This summer, hackers from The Shadow Brokers posted in free pattern that includes some tools and exploits from the Arsenal group Equation Group specializing in cyber espionage. Tools designed for the exploitation of vulnerabilities in various products, including those manufactured by Cisco.

Previously, the company confirmed the performance of the three exploits – EPICBANANA, ExtraBacon and BENIGNCERTAIN. The first two allow you to remember proekspluatirovat vulnerabilities in the firewalls of the company, and the third is to extract passwords VPN used in firewalls the Cisco PIX. As it turned out during further analysis, the vulnerability CVE-2016-6415 operated tool BENIGNCERTAIN, is not limited to Cisco PIX, but also on products running IOS, IOS XE and IOS XR.

The vulnerability exists due to incorrect packet handling IKEv1 and with the help of a specially formed packet to IKEv1 disclose the confidential information. The bug affects all releases of IOS XE, different versions of IOS and IOS XR 4.3.x to 5.0.x to 5.1.x and 5.2.x (5.3.0 and all later versions not affected). Vulnerable are all firewall family Cisco PIX and solutions for IOS, IOS XE and IOS XR, if they use the IKEv1 Protocol, specify the warning of the manufacturer.

According to the report, attackers have already attempted exploitation of this vulnerability. Currently there is no means to prevent operation problems. The company has promised to release the appropriate patches, but the time frame in which they will be available, were not disclosed.
sigismund
moderators
Сообщений: 788
Депозит: 0 BTC

Rating: 5