• Penetration Testing will save Countless Lives: The Cisco Vulnerability

Penetration Testing will save Countless Lives: The Cisco Vulnerability

Time to read
2 minutes
Read so far

Penetration Testing will save Countless Lives: The Cisco Vulnerability

Tue, 04/10/2018 - 17:23
Posted in:

If one thing is for sure, it's that penetration testing will become a huge part of our Cyber future.

Embedi researchers have this week uncovered a critical vulnerability in Cisco software that left Cisco employees and researchers sleep-deprived, until it was fixed. Researchers demonstrated this susceptibility at a Hong Kong based conference after reporting it to Cisco in May 2017 in a video demonstration. The affected hardware and software includes devices that fall into the Smart Install Client type.

The vulnerability is down to inappropriate validation of packet data in a plug-and-play feature that assists administrators to activate (client) network switches and intercept traffic.

A total of 8.5 mil devices have this port open on the internet, leaving approximately a quarter of a million devices open to cyber criminals.

Although this is a bit techie, it's really important as Cisco affects our daily lives in such a variety of ways.

[Cyberhub Summit Coming to Austin, Tx | May 3, 2018 - Cyber Security education for executives and business owners, Exclusive Dinner and Powerful Networking. | Get the latest from Cyberhub Summit by signing up for their newsletters. ]

Cisco, once the most successful conglomerate globally, is still one of the top players in innovative networking appliances, solutions and training. Cisco with a long history under different names has touched every area of our networked lives. Think Network, think Cisco.

Cisco are crucial, their ongoing importance and relevance only seems to upscale as our lives become increasingly networked and their current list of products and services focus upon three market segments—enterprise and service providers, small business and home.

We witness some of Cisco's current global offering through: VoIP services partnering with Skype, Microsoft and Yahoo to merge VoIP services with mobile phone services; Cloud-based services (Hosted Collaboration Solutions) and Network Emergency Response which are deployed in Natural disasters with Cisco's Network Emergency Response Vehicles (NERV)s.

NERVs are independent and fully stacked vehicles that provide wired and wireless services including voice and radio interoperability, VoIP, video surveillance and secured HD video-conferencing for decision makers and first responders in crises. They are fully operative within 15 minutes of arrival.  The NERV has been central in handling incidents such as Hurricane Ike, Katrina and Sandy, not to mention the California wildfires.

They have also provided assistance outside of the U.S. in Haiti, New Zealand, Brazil and The Japanese Tsunami.  

So, if they are vulnerable to hackers, it's not just your skype call to your Aunty that is under attack or that cross-continent business meeting, Cisco vulnerabilities could have a serious body count.

Embedi states that this critical flaw could allow a hacker to implement and execute arbitrary code and take full control over susceptible network equipment. This is a worrying potential as we witness the parallel growth of state-sponsored hacking.

 To exploit this vulnerability, a hacker would need to send a crafted Smart Install message to an affected device, which is opened by default.

We should be very glad that these vulnerabilities have been found and neutralized.
Cisco fixed the vulnerability in all of its affected products on 28th March 2018, and Embedi published a blog post detailing the vulnerability the following day

By James Azar on 4/10/18

Article first reported at CyberHub Summit