If you think about it, the Internet is a very complex connection just about everything that is imaginable out there. For example, there is all that cabling, wiring, wireless connectivity, servers, web servers, TCP/IP addresses, DNS Servers, web pages, domain names, network intrusion devices, firewalls ,routers, hubs, switches, oh yoy the list keeps going on and on.
Really there could be no end to it. It’s amazing, if just one piece of this complex puzzle goes awry, we can still function on a day to day basis and still have the ability to conduct our work and personal matters. Now of course, if there is a huge outage, that is an entirely issue at hand.
With this in mind, there are also a plethora of IT vendors that just specialize in the manufacture of all these just listed. There are some that are small, and then there are the heavy weights out there that totally dominate the market place. One of these is Cisco. The name actually comes from the name of the city of San Francisco. That is how the owners wanted to name it.
Today, the company has evolved to produce all sorts of related hardware and networking devices, and in fact, I would even venture to say that most of the Fortune 500 companies have some sort of equipment of theirs in their IT infrastructure. They are no doubt the leaders in what they do, and have turned out some really good things as well.
But just like any other piece of technology, Cisco hardware is also prone to breakdowns, failures, and even Cyber attacks. Such is the news today in world of Cyber Security. From what I have read so far, this is actually a pretty serious flaw that was discovered by researchers at Embedi.
Apparently, they have discovered a rather serious weakness in the Cisco IOS and IOS XE brands of software. It was discovered that a Cyber attacker could very easily inject some sort of arbitrary code into this software (much like a SQL injection attack) and take full control of the IT infrastructure of the entire business or corporation.
In technical terms, this what the flaw is all about: “The stack-based buffer overflow vulnerability (CVE-2018-0171) resides due to improper validation of packet data in Smart Install Client, a plug-and-play configuration and image-management feature that helps administrators to deploy (client) network switches easily.” (SOURCE: https://thehackernews.com/2018/04/cisco-switches-hacking.html).
In all, there are a total of about 8.5 million Cisco based networking hardware devices that have been affected by this, and there are still about 250,000 vulnerable devices out there. This is means that they still remain unpatched, despite the fact that Cisco has immediately released the relevant patches that are needed to fix this problem. This flaw has been given a ranking of 9.8, which is deemed to be “absolutely critical” by the people at Embedi.
In fact, the same team has even released videos on You Tube as to how this attack can actually take fold. This is of particular value out there for those network admins that use Cisco stuff. Here are the link to the video:
Cisco reported that they have fixed this problem as of March 28th. It should be noted that the software patches are free to download, and that network admins should install and deploy them immediately, without any further delay. Here is an actual listing of all of the impacted Cisco devices:
- Catalyst 4500 Supervisor Engines
- Catalyst 3850 Series
- Catalyst 3750 Series
- Catalyst 3650 Series
- Catalyst 3560 Series
- Catalyst 2960 Series
- Catalyst 2975 Series
- IE 2000
- IE 3000
- IE 3010
- IE 4000
- IE 4010
- IE 5000
- SM-ES2 SKUs
- SM-ES3 SKUs
- SM-X-ES3 SKUs
To be honest, I would love to provide my further insight into this, but I don’t enough about Cisco products to offer a valid opinion. But hey, all I can say is download those patches!!! (This maybe coming from a layman’s point of view on the networking world).