PS5 details: Is there a risk that hackers will exploit them?
inet infosec

PS5 details: Is there a risk that hackers will exploit them?

Sony's game developer and creator, Mark Cerny, gave some details about the new PS5 console. In one...
Read More
infosec

Cisco warns of vulnerabilities in 9000 series routers

Cisco has released 31 security tips this week, but has focused users on "critical" patches for ...
Read More
infosec

HP: Adds the Sure Sense malware blocker to its new devices

HP announced a series of updates and new features for PCs, as well as the official HP release ...
Read More
infosec

Covering vacancies in hacker security

Incidents of online attacks are increasing day by day. Previously no such attention was paid. After the incident with the ...
Read More
infosec

Oracle: New Critical Patch Update fixes 297 vulnerabilities

Oracle releases a collection of patches for multiple critical security vulnerabilities. The update contains 297 new security fixes ...
Read More
Latest Posts

Cisco: 0-day vulnerability makes restart security devices

Until now, hackers have exploited a software vulnerability that Cisco uses in its hardware security products. The bug can restart the devices, and therefore temporarily shut down their operation. Cisco was made aware of the vulnerability when one of its customers contacted her asking for help.

cisco 0 day

Vulnerability with code names CVE-2018-15454, is located in the engine of the Session Initiation Protocol (SIP), which is enabled by default. In the event that exploitation exploits the device does not restart, then the processor is greatly increased and the result is long delays in its operation. According to a Cisco expert, vulnerability can be exploited either locally or remotely, and some kind of authentication is not required.

"Vulnerability is due to poor management of SIP traffic. The attacker can exploit the vulnerability by sending multiple SIP requests modified specifically to take advantage of the security vulnerability. "

So far, Cisco has not released an update that solves the problem, but there are several alternatives. One of the options is to completely shut down SIP Inspection, but this is not feasible in all cases as it can create a new problem that breaks all SIP connections.

The Cisco team observed that all malware contained the 0.0.0.0 address in the Sent-by Address header, an address that can not be found. Network administrators could create a pattern that will detect malicious packets and exclude them.

Until a Cisco security vulnerability update is released for CVE-2018-15454 code vulnerability, customers should rely on one of the two above solutions.

Devices that have been confirmed to be vulnerable are:

  • 3000 Series Industrial Security Appliance (ISA)
  • ASA 5500-X Series Next-Generation Firewalls
  • ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • Adaptive Security Virtual Appliance (ASAv)
  • Firepower 2100 Series Security Appliance
  • Firepower 4100 Series Security Appliance
  • Firepower 9300 ASA Security Module
  • FTD Virtual (FTDv)
Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *