ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Cisco Security Vulnerability Thread.

    News
    cisco security
    14
    91
    12.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      scottalanmiller @travisdh1
      last edited by

      @travisdh1 said in Cisco Security Vulnerability Thread.:

      Cisco routers took down central rail monitoring station.

      https://ggwash.org/view/67198/metro-reasons-failed-metro-networking-equipment-blinds-control-center-for-three-hours

      Control stations we're not effected, thankfully.

      The Cisco routers were the attackers?

      T 1 Reply Last reply Reply Quote 0
      • T
        travisdh1 @scottalanmiller
        last edited by

        @scottalanmiller said in Cisco Security Vulnerability Thread.:

        @travisdh1 said in Cisco Security Vulnerability Thread.:

        Cisco routers took down central rail monitoring station.

        https://ggwash.org/view/67198/metro-reasons-failed-metro-networking-equipment-blinds-control-center-for-three-hours

        Control stations we're not effected, thankfully.

        The Cisco routers were the attackers?

        A software bug brings them down hard after a certain number of days. So, yeah, I guess they were.

        1 Reply Last reply Reply Quote 0
        • T
          travisdh1
          last edited by

          I've been lying down on the job apparently. 4 sets of hardcore credentials removed in the past 4 months. https://www.bleepingcomputer.com/news/security/cisco-removes-backdoor-account-fourth-in-the-last-four-months/

          1 Reply Last reply Reply Quote 0
          • T
            travisdh1
            last edited by

            Just saw this today. Announced last week and actively being exploited. A directory traversal which leads to sensitive system information being disclosed or the device crashing.

            https://www.bleepingcomputer.com/news/security/cisco-asa-flaw-exploited-in-the-wild-after-publication-of-two-pocs/

            1 Reply Last reply Reply Quote 0
            • T
              travisdh1
              last edited by

              Brilliant I tell you. An undocumented root level password left in the management layer.

              All your network are belong to us.

              https://www.bleepingcomputer.com/news/security/cisco-removes-undocumented-root-password-from-bandwidth-monitoring-software/

              1 Reply Last reply Reply Quote 1
              • M
                momurda
                last edited by momurda

                Literally just reading about this one.
                9.8 out of 10
                "fifth undocumented password (aka backdoor) that Cisco has removed from its software in the past 5 months."
                'Undocumented except by the fbi and nsa' I think is what they meant.

                S 1 Reply Last reply Reply Quote 4
                • S
                  scottalanmiller @momurda
                  last edited by

                  @momurda said in Cisco Security Vulnerability Thread.:

                  Literally just reading about this one.
                  9.8 out of 10
                  "fifth undocumented password (aka backdoor) that Cisco has removed from its software in the past 5 months."
                  'Undocumented except by the fbi and nsa' I think is what they meant.

                  And in hacker documents the world over.

                  1 Reply Last reply Reply Quote 2
                  • T
                    travisdh1
                    last edited by

                    Our monthly hardcoded root credentials are in.

                    https://www.zdnet.com/article/cisco-weve-killed-another-critical-hard-coded-root-password-bug-patch-urgently/

                    S 1 Reply Last reply Reply Quote 1
                    • S
                      scottalanmiller @travisdh1
                      last edited by

                      @travisdh1 said in Cisco Security Vulnerability Thread.:

                      Our monthly hardcoded root credentials are in.

                      https://www.zdnet.com/article/cisco-weve-killed-another-critical-hard-coded-root-password-bug-patch-urgently/

                      Definitely showing that even becoming famous for having hard coded creds, they won't change any till caught and forced to change them.

                      C 1 Reply Last reply Reply Quote 2
                      • C
                        coliver @scottalanmiller
                        last edited by

                        @scottalanmiller said in Cisco Security Vulnerability Thread.:

                        @travisdh1 said in Cisco Security Vulnerability Thread.:

                        Our monthly hardcoded root credentials are in.

                        https://www.zdnet.com/article/cisco-weve-killed-another-critical-hard-coded-root-password-bug-patch-urgently/

                        Definitely showing that even becoming famous for having hard coded creds, they won't change any till caught and forced to change them.

                        I mean the people that buy Cisco probably don't care too much.

                        S 1 Reply Last reply Reply Quote 1
                        • S
                          scottalanmiller @coliver
                          last edited by

                          @coliver said in Cisco Security Vulnerability Thread.:

                          @scottalanmiller said in Cisco Security Vulnerability Thread.:

                          @travisdh1 said in Cisco Security Vulnerability Thread.:

                          Our monthly hardcoded root credentials are in.

                          https://www.zdnet.com/article/cisco-weve-killed-another-critical-hard-coded-root-password-bug-patch-urgently/

                          Definitely showing that even becoming famous for having hard coded creds, they won't change any till caught and forced to change them.

                          I mean the people that buy Cisco probably don't care too much.

                          Good point. Or at all.

                          1 Reply Last reply Reply Quote 1
                          • T
                            travisdh1
                            last edited by

                            A bumper night last night for Cisco. Not one, not two, but three privilege escalation and remote command execution threats announced.

                            https://tools.cisco.com/security/center/publicationListing.x

                            S 1 Reply Last reply Reply Quote 2
                            • S
                              scottalanmiller @travisdh1
                              last edited by

                              @travisdh1 said in Cisco Security Vulnerability Thread.:

                              A bumper night last night for Cisco. Not one, not two, but three privilege escalation and remote command execution threats announced.

                              https://tools.cisco.com/security/center/publicationListing.x

                              Wow

                              1 Reply Last reply Reply Quote 0
                              • T
                                travisdh1
                                last edited by

                                WebEx, local privilege escalation vulnerability.

                                https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181024-webex-injection

                                RojoLocoR 1 Reply Last reply Reply Quote 0
                                • RojoLocoR
                                  RojoLoco @travisdh1
                                  last edited by

                                  @travisdh1 said in Cisco Security Vulnerability Thread.:

                                  WebEx, local privilege escalation vulnerability.

                                  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181024-webex-injection

                                  Awesome, looks like I get to spend my day updating Webex.

                                  1 Reply Last reply Reply Quote 1
                                  • dbeatoD
                                    dbeato
                                    last edited by

                                    @travisdh1 You would love this one
                                    https://techcrunch.com/2018/11/01/bleedingbit-security-flaws-bluetooth-wireless-networks/

                                    T 1 Reply Last reply Reply Quote 0
                                    • T
                                      travisdh1 @dbeato
                                      last edited by

                                      @dbeato said in Cisco Security Vulnerability Thread.:

                                      @travisdh1 You would love this one
                                      https://techcrunch.com/2018/11/01/bleedingbit-security-flaws-bluetooth-wireless-networks/

                                      I saw that headline, but didn't read the article. I'm not surprised that Cisco is one of the vulnerable brands.

                                      1 Reply Last reply Reply Quote 0
                                      • T
                                        travisdh1
                                        last edited by

                                        "Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerability"

                                        Only a denial of service possibility. Did I forget to mention it's in the software that is supposed to prevent that sort of thing?

                                        https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos

                                        1 Reply Last reply Reply Quote 2
                                        • nadnerBN
                                          nadnerB
                                          last edited by

                                          https://arstechnica.com/information-technology/2018/11/bluetooth-bugs-bite-millions-of-wi-fi-aps-from-cisco-meraki-and-aruba/

                                          Wi-Fi access points sold by Cisco, Meraki, and Aruba have two critical vulnerabilities being patched that could allow hackers to run malware inside the sensitive networks that use the gear. While the flaws open corporate networks to some scary attacks, the real-world likelihood of them being exploited is debatable.

                                          1 Reply Last reply Reply Quote 1
                                          • T
                                            travisdh1
                                            last edited by

                                            3 new vulnerabilities this morning.

                                            Remote code execution
                                            Cisco Stealthwatch Management Console Authentication Bypass Vulnerability
                                            https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-smc-auth-bypass

                                            2nd remote code execution.
                                            Cisco Unity Express Arbitrary Command Execution Vulnerability
                                            https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-cue

                                            And a Meraki local privilege escalation for good measure.
                                            Cisco Meraki Local Status Page Privilege Escalation Vulnerability
                                            https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-meraki

                                            S 1 Reply Last reply Reply Quote 1
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 4 / 5
                                            • First post
                                              Last post