Thursday, April 9, 18:25
Home security Cisco vulnerabilities endanger millions of corporate devices

Cisco vulnerabilities endanger millions of corporate devices

CiscoSecurity investigators discovered 5 vulnerabilities on the Cisco Discovery Protocol, which can allow one hacker take control of corporate phones, routers and other devices.

Many corporations have been found in the past phones and routers with vulnerabilities. Now, researchers security discovered vulnerabilities in corporate phones, net cameras and switches Cisco, which can be used by hackers to penetrate into corporate networks. Cisco is one of the most popular Companies, which means many businesses are in risk.

Vulnerabilities are dangerous because they can be used for espionage. They were discovered by the security company Armis. According to researchers, can bypass the strategy "segmentation", Used by network administrators to protect them networks their.

The attackers could target a vulnerable Cisco network switch to acquire access to non-encrypted, internal information and to move through the target system. The attackers could also use vulnerabilities to attack many at once Appliances (e.g. on all corporate phones or all cameras). That way hackers could watch or cause damage to an organization, disabling devices.

“Network segmentation is a key security technique and production gadgets, ”said one researcher. However, experienced hackers and APT teams are constantly on the alert to act if they find a vulnerability.

- Advertisement -

According to the researchers, the vulnerabilities were discovered in the Cisco Discovery Protocol, which allows Cisco products to show their identity to other products within a private network. CDP is part of "Layer 2" of a network, which defines the data connection between devices belonging to the same network.

Researchers believe that use The CDP has some benefits, but can help attackers find Cisco products while on a network. And because all company products use CDP, one vulnerability can be used for automatic and simultaneous targeting of many devices.

Armis said it unveiled its findings at Cisco at the end of August 2019. Now, the company circulating patches to correct the five vulnerabilities. Armis researchers also helped with the correction.

"On February 5, we discovered vulnerabilities in the Cisco Discovery Protocol in many Cisco products, along with risk mitigation tips and corrections," a Cisco spokesman said.

The company said there was no evidence that the vulnerabilities were exploited by malicious hackers.

To exploit the vulnerabilities, the attackers will must first have access to the target network. However, if they manage to get into the network, they can break one Cisco device after another. If attackers take control of a router or switch they can breach unencrypted data network.

The patches released by Cisco are very important, but not all vulnerabilities are automatically updated. Therefore, the user needs to be 'hand in hand'. Given the widespread use of Cisco equipment in business networks, patches are required for it protection of networks.

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LEAVE ANSWER

Please enter your comment!
Please enter your name here

LIVE NEWS

Bill Gates: Schools open in the fall and the economy collapses

Bill Gates believes schools will be able to open in the fall, he told Becky Quick on CNBC.

OTE Group Telecommunications Museum: Educational programs and entertainment activities from home for children aged 4-12 and the whole family

Educational programs and entertainment activities for children and families, in which they can participate from home, are offered by the Group's Telecommunications Museum ...

Microsoft: The April 2020 update for Office has been released

Microsoft released the non-security updates of April 2020 for Microsoft Office, which include corrections for errors as well as improvements ...

Tesla's new Cheetah mode offers top performance

The new Cheetah mode in the Tesla S model pushes the electric car from 0 to 100 km / h faster than ...

Tails 4.5: The new, safer version has been released!

Tails 4.5: The new, safer version has been released - Tails, is a live operating system based on ...

Windows 10 feature helps to delete useless files and apps

Windows 10 will make it easier to delete useless files and apps by displaying them in a list.

Cloudflare: Stops using Google's reCAPTCHA!

Cloudflare has announced that it will stop using Google's reCAPTCHA and switch to a new bot detector that ...

Google Stadia Pro is available for free for two months! Time for video games!

The situation we are experiencing lately due to corona, is one of the most difficult situations of ...

Russia is expected to try to manipulate the 2020 elections

The report comes after election security experts remain on alert for attempts to manipulate the 2020 election by ...

COVID-19: Can it be "reactivated" in treated patients?

According to the Korean Centers for Disease Control and Prevention (KCDC), Coronavirus COVID-19 can be "reactivated" in treated patients. Indicatively, approximately ...