Cisco's Product Security Incident Response Team uncovered that more than 840,000 Cisco devices are at risk from vulnerabilities revealed by the "Shadow Brokers" group as part of the NSA exploit cyberweapon.
Cisco Devices At Risk From NSA Exploit Cyberweapon
According to Computerworld, the vulnerability revealed by the "Shadow Brokers" group could allow hackers to access sensitive information from Cisco devices' memory. Over 840,000 Cisco networking devices from around the world are exposed to this vulnerability.
The "Shadow Brokers" hacking group believes that this vulnerability is linked to the U.S. National Security Agency. For its part, Cisco also announced a similar vulnerability last week.
According to Cisco, this security flaw could affect its IOS, IOS XE and IOS XR software that runs on many of its networking devices. The security vulnerability could allow hackers to gain remote access to Cisco networking devices and extract the contents of a device's memory. This could potentially cause leaks of sensitive information.
The security flaw is due to the way the operating system processes IKEv1 (Internet Key Exchange version 1) requests. Virtual Private Networks (VPN) and other features popular in enterprise environments use this key exchange protocol.
The online publication Tom's Hardware reports that the NSA exploit cyberweapon has already been used against at least some of Cisco's customers. Cisco announced in a recent security advisory that the company was alerted on August 15, 2016, to information posted online by the Shadow Brokers group, which claimed to possess disclosures from the Equation Group. The posted materials include exploits for firewall products from multiple vendors, including a cyberweapon tool potentially being used to exploit legacy Cisco PIX firewalls.
As Cisco explained on its website, its IOS Software is the most widely used network infrastructure software in the world. Due to its large deployment, Cisco's software platform is an attractive target for malicious hackers.
The networking company also said that at the moment there are no workarounds for this vulnerability. IT administrators are advised to closely monitor their systems until Cisco releases patches for its software.
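As an added example (not from Cisco or the original article), the Python sketch below shows one way to support the monitoring advice above: it parses the fixed ISAKMP header of datagrams sent to UDP port 500 and flags IKEv1 requests from sources outside an expected peer list. The peer range, the finding names and the sample datagrams are assumptions constructed for illustration; the length check is a generic header sanity check, not a signature for this flaw.

```python
import ipaddress
import struct

# RFC 2408 fixed header: cookies (8+8), next payload, version,
# exchange type, flags, message ID, total length = 28 bytes.
ISAKMP_HDR = struct.Struct("!8s8sBBBBII")

# Assumption: the VPN peers this device is expected to negotiate with.
ALLOWED_PEERS = [ipaddress.ip_network("198.51.100.0/24")]


def parse_isakmp(payload):
    """Return header fields of a UDP/500 payload, or None if it is too short."""
    if len(payload) < ISAKMP_HDR.size:
        return None
    (_icookie, _rcookie, _next, version,
     exchange, _flags, _msg_id, length) = ISAKMP_HDR.unpack_from(payload)
    return {
        "major": version >> 4,      # 1 = IKEv1, 2 = IKEv2
        "minor": version & 0x0F,
        "exchange": exchange,
        "declared_len": length,
        "actual_len": len(payload),
    }


def review(src_ip, payload):
    """Classify one datagram sent to UDP/500 and return a list of findings."""
    hdr = parse_isakmp(payload)
    if hdr is None:
        return ["truncated"]
    findings = []
    addr = ipaddress.ip_address(src_ip)
    if hdr["major"] == 1 and not any(addr in net for net in ALLOWED_PEERS):
        findings.append("ikev1-from-unknown-peer")
    if hdr["declared_len"] != hdr["actual_len"]:
        findings.append("length-mismatch")
    return findings


def sample(version, declared_len, body_len=0):
    """Build a constructed ISAKMP datagram (not captured traffic)."""
    hdr = ISAKMP_HDR.pack(b"\x11" * 8, b"\x00" * 8, 1, version, 2, 0, 0, declared_len)
    return hdr + b"\x00" * body_len


if __name__ == "__main__":
    # Constructed traffic: (source address, datagram)
    for src, pkt in [("198.51.100.7", sample(0x10, 28)),
                     ("203.0.113.50", sample(0x10, 28)),
                     ("203.0.113.50", sample(0x10, 2000, body_len=4)),
                     ("203.0.113.50", sample(0x20, 28))]:
        print(src, review(src, pkt))
```

The same `review` function can be fed UDP/500 payloads extracted from a packet capture or a flow sensor; NAT-T traffic on UDP/4500 carries an extra prefix and is not handled here.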