Cisco Confirms Switches Exploited by CIA via CMP Flaw; Fix Coming Soon

Cisco Confirms Switches Exploited by CIA via CMP Flaw; Fix Coming Soon
  • The company claims that the vulnerability is in CMP processing code
  • An exploit can be avoided by disabling telnet
  • Cisco promises a fix soon

Last week, WikiLeaks claimed that the CIA had exploited various apps, platforms, and devices unethically to spy on people. One of the affected tech companies was Cisco, whose switches were hacked by CIA to remotely exercise control. The company has now confirmed that as many as 318 Cisco switches have a vulnerability that can allow the CIA to remotely execute malicious code and gain full control on the device.

The company issued an advisory on the matter, and claimed that currently there are "no workaround that address this vulnerability," but it's looking to roll out a fix soon. Cisco discovered the vulnerability in the Vault 7 dump by WikiLeaks.

The advisory claims that the vulnerability is in the "Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software, and it could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges."

It essentially stems from a "failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device, and the incorrect processing of malformed CMP-specific Telnet options."

Cisco hasn't announced when the fix is coming, but has mentioned a few things for users to do to avoid hackers from taking advantage. It recommends disabling Telnet and using SSH, and has also detailed guidelines for doing it on this support page. Users who are unable or unwilling to disable the Telnet protocol can reduce the attack surface by implementing infrastructure access control lists (iACLs). Guidelines on that can be found on this support page.

WikiLeaks recently announced that it will work with technology companies to give them technical details to work on fixes of CIA exploits. Other tech giants affected by the CIA hacking are Apple, Microsoft, Samsung, and more.


For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Tasneem Akolawala is a Senior Reporter for Gadgets 360. Her reporting expertise encompasses smartphones, wearables, apps, social media, and the overall tech industry. She reports out of Mumbai, and also writes about the ups and downs in the Indian telecom sector. Tasneem can be reached on Twitter at @MuteRiot, and leads, tips, and releases can be sent to More
SpaceX Studying Landing Spots on Mars With NASA
Google Sister Company Jigsaw Offers Free Security Tools to Election Groups

Related Stories

Share on Facebook Tweet Snapchat Share Reddit Comment



© Copyright Red Pixels Ventures Limited 2021. All rights reserved.
Listen to the latest songs, only on