Cisco warns of a new critical zero-day vulnerability in Cisco IOS and Cisco IOS XE software. The company rated the vulnerability with the highest level of criticality and discovered it by analyzing them archives that leaked through him "Vault 7" from Wikileaks last week.
The records contain details and describe hacking tools and tactics of the US Central Intelligence Agency (CIA).
The vulnerability exists in the Cisco IOS and Cisco IOS XE Cluster Management Protocol (CMP) processing code.
If the defect is exploited (CVE-2017-3881) could allow a remote attacker to cause removement of the device or remotely executing malicious code with elevated privileges to take full control, according to Cisco.
The CMP protocol is designed to transmit information between system members using the Telnet or SSH service.
The vulnerability is Cisco's default configuration and can be exploited during a Telnet session on IPv4 or IPv6.
Vulnerability affects 264 Catalyst switches, 51 industrial Ethernet switches, and 3 other devices, including Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2/3 EtherSwitch Service Module, Enhanced Layer 2 EtherSwitch Service Module, ME 4924-10GE switch, IE Industrial Ethernet switches, RF Gateway 10, SM-X Layer 2/3 EtherSwitch Service Module, and Gigabit Ethernet Switch Module (CGESM) for HP.
At present, the vulnerability is unpatched, and until updates are released, Cisco recommends that everyone using their devices completely disable Telnet connections and use SSH.