A vulnerability in Cisco switches allows them to be hacked remotely

Security researchers at Embedi have been tasked with discovering a critical flaw in Cisco IOS software and Cisco IOS XE. Due to these vulnerabilities, any attacker, without the need for identification, could remotely execute code and take control over the network and intercept traffic. Something serious and that could affect companies.

A vulnerability in Cisco switches allows them to be hacked remotely

The vulnerability stems from incorrect validation of package data in the Smart Install Client, a setting that helps administrators more easily implement network switches.

Cisco security flaw

Embedi has released the technical details after Cisco itself has released a security patch to protect users from this vulnerability. This is a vulnerability that has been categorized as critical. In fact, researchers have found that there are about 8.5 million devices that have this vulnerability. A problem of great magnitude therefore.

A video has even been published with the way in which an attack is demonstrated. So it is possible to see the way in which the attackers could carry out said attack. You have the video at the top. Additionally, we have the full list of affected Cisco switches:

• Catalyst 4500 Supervisor EnginesCatalyst 3850 SeriesCatalyst 3750 SeriesCatalyst 3650 SeriesCatalyst 3560 SeriesCatalyst 2960 SeriesCatalyst 2975 SeriesIE 2000IE 3000IE 3010IE 4000IE 4010IE 5000SM-ES2 SKUsSM-ES3 SKUsNME-16ES-1G-PSM-X-ES3 SKUs

Cisco has already released a security patch, which has been available since the end of last week. So users can already protect their devices against this failure if they update already. And thus avoid any problem.

The Hacker News Font