Yesterday (November 2), Cisco Systems disclosed a critical security vulnerability in the software controlling routers and network switches.
This time, the leading network equipment manufacturer has released an update to patch a buffer overflow vulnerability, a common class of software security flaw, in the Internetwork Operating System (IOS) software.
However, this vulnerability is particularly dangerous as it allows remote attackers to gain control of the compromised system. In this case, it means taking control of Cisco’s routers and network switches—crucial infrastructure devices within a computer network system, including the Internet.
In fact, the security flaw in IOS that has been patched was disclosed at the Black Hat security conference this past July. However, Cisco kept this information private until now.
At the Black Hat conference, security researcher Michael Lynn demonstrated the capability to take control of routers by exploiting the security flaw in the software. If this vulnerability were exploited for a large-scale attack, the consequences could be severe—potentially causing disruptions to the Internet or a corporate network.
John Noh, a spokesperson for Cisco, stated: “Lynn exploited the security vulnerability in IPv6 that was disclosed last July to conduct a buffer overflow attack on the system timer. Cisco had patched this flaw back in April, but Lynn was still able to exploit it to attack and gain control of the routers.”
It is true that in July, Cisco disclosed details about the security vulnerability in IPv6, the flaw that Lynn used as an example at the Black Hat conference. However, there remains another, more dangerous flaw that the developers did not disclose. It wasn’t until yesterday that users became aware of this issue.
The extensive impact of this security vulnerability has forced Cisco to maintain silence, according to Johannes Ullrich, a senior researcher at the SANS Institute. “The dangerous nature of these vulnerabilities is the reason why Cisco had to keep them secret during the Black Hat conference. If everyone were aware of this vulnerability, the repercussions could be unpredictable.” Ullrich advises users to update their device drivers as soon as possible.
In addition to patching the buffer overflow vulnerability, Cisco has also strengthened the software's defenses. The new software version includes additional integrity check features to detect and prevent future attacks.
Cisco says that, having disclosed detailed information about this vulnerability, it is not overly concerned that it could be exploited to organize attacks. The update for all IOS versions is now available for download on the manufacturer’s website.
HVD – (CNet)