Cisco warns of a new critical vulnerability zero-day on Cisco IOS and Cisco IOS XE software. The company rated the vulnerability with the highest level of criticality and discovered it by analyzing files leaked through "Vault 7" from Wikileaks last week.
The records contain details and describe hacking tools and tactics of the US Central Intelligence Agency (CIA).
The vulnerability exists in the Cisco IOS and Cisco IOS XE Cluster Management Protocol (CMP) processing code.
If the defect is exploited (CVE-2017-3881) could allow a remote attacker to cause it to restart deviceor remotely executing malicious code with elevated privileges to take full control, according to Cisco.
The CMP protocol is designed to transmit information between system members using the Telnet or SSH service.
The vulnerability is Cisco's default configuration and can be exploited during a Telnet session on IPv4 or IPv6.
The vulnerability affects 264 Catalyst switches, 51 industrial Ethernet switches, and 3 other devices, including Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2/3 EtherSwitch Service Module, Enhanced Layer 2 EtherSwitch Service Module, ME 4924-10GE switch, IE Industrial Ethernet switches, RF Gateway 10, SM-X Layer 2/3 EtherSwitch Service Module, and Gigabit Ethernet Switch Module (CGESM) for HP.
Currently, the vulnerability is unpatched, and until released updates, Cisco recommends that everyone using its devices completely disable Telnet connections and use SSH instead.
