300+ Cisco switches have been affected by a critical bug that has been found in Vault 7 data dump. While combing through WikiLeaks’ Vault 7 data dump, Cisco has unearthed a critical vulnerability affecting 300+ of its switches and one gateway that could be exploited to take over the devices. Paul Calatayud, Chief Technology Officer at FireMon commented below.
Paul Calatayud, Chief Technology Officer at FireMon:
“It is always a good thing when a security vendor takes a proactive approach in discovering and announcing that there is a new exploit. Cisco did the right thing here. Even better, there is a simple fix which it to disable Telnet, and use stronger protocols that are available and supported. This action would be part of any CISO’s best practice anyway, so the question is do you have technologies that can assist in managing configurations to properly inform you that you are using risky protocols? If the answer is no, then the window that attackers have to take advantage of the weak point could be a lot bigger than those who do, making your organisation incredibly vulnerable to attack.”