Many corporations have been found in the past phones and routers with vulnerabilities. Now, researchers security discovered vulnerabilities in corporate phones, net cameras and switches Cisco, which can be used by hackers to penetrate into corporate networks. Cisco is one of the most popular Companies, which means many businesses are in risk.
Vulnerabilities are dangerous because they can be used for espionage. They were discovered by the security company Armis. According to researchers, can bypass the strategy "segmentation", Used by network administrators to protect them networks their.
The attackers could target a vulnerable Cisco network switch to acquire access to non-encrypted, internal information and to move through the target system. The attackers could also use vulnerabilities to attack many at once Appliances (e.g. on all corporate phones or all cameras). That way hackers could watch or cause damage to an organization, disabling devices.
“Network segmentation is a key security technique and production gadgets, ”said one researcher. However, experienced hackers and APT teams are constantly on the alert to act if they find a vulnerability.
According to the researchers, the vulnerabilities were discovered in the Cisco Discovery Protocol, which allows Cisco products to show their identity to other products within a private network. CDP is part of "Layer 2" of a network, which defines the data connection between devices belonging to the same network.
Researchers believe that use The CDP has some benefits, but can help attackers find Cisco products while on a network. And because all company products use CDP, one vulnerability can be used for automatic and simultaneous targeting of many devices.
Armis said it unveiled its findings at Cisco at the end of August 2019. Now, the company circulating patches to correct the five vulnerabilities. Armis researchers also helped with the correction.
"On February 5, we discovered vulnerabilities in the Cisco Discovery Protocol in many Cisco products, along with risk mitigation tips and corrections," a Cisco spokesman said.
The company said there was no evidence that the vulnerabilities were exploited by malicious hackers.
To exploit the vulnerabilities, the attackers will must first have access to the target network. However, if they manage to get into the network, they can break one Cisco device after another. If attackers take control of a router or switch they can breach unencrypted data network.
The patches released by Cisco are very important, but not all vulnerabilities are automatically updated. Therefore, the user needs to be 'hand in hand'. Given the widespread use of Cisco equipment in business networks, patches are required for it protection of networks.