Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

Unpatched Flaw Plagues Cisco Industrial Switches

Cisco informed customers on Monday that the IOS software running on some of the company’s industrial switches is plagued by a denial-of-service (DoS) vulnerability.

Cisco informed customers on Monday that the IOS software running on some of the company’s industrial switches is plagued by a denial-of-service (DoS) vulnerability.

The flaw, assigned the identifier CVE-2016-1330 and a CVSS score of 6.1, affects Cisco Industrial Ethernet 2000 Series Switches running IOS Software 15.2(4)E.

The cause of the vulnerability is the way the system processes Cisco Discovery Protocol (CDP) packets. An unauthenticated attacker with access to the network can cause vulnerable devices to reload by sending them specially crafted CDP packets.

Cisco has yet to release a software update to patch the vulnerability and the company says there are no workarounds. The vendor’s product security incident response team (PSIRT) hasn’t found any evidence to suggest that the flaw has been exploited in the wild.

Another issue disclosed by Cisco on Monday is a cross-site scripting (XSS) vulnerability affecting Cisco Emergency Responder, a product designed to help emergency teams manage calls in their phone network and identify the location of 911 callers.

This medium-severity flaw (CVE-2016-1331) allows a remote, unauthenticated attacker to execute arbitrary code in the context of the vulnerable web interface and access potentially sensitive browser information. The security hole can be exploited by tricking the victim into clicking on a malicious link or by injecting malicious code into an intercepted connection.

This vulnerability, which affects Cisco Emergency Responder 11.5(0.99833.5), also remains unpatched with no workarounds available.

Earlier this month, Cisco released updates to patch critical and high impact flaws in several of its products, including Application Policy Infrastructure Controller (APIC), Nexus 9000 switches, Cisco Prime Security Manager (PRSM), and Adaptive Security Appliance (ASA) software.

Advertisement. Scroll to continue reading.

Related: Cisco Launches Service to Address Shadow IT

Related: Cisco Patches Serious Flaws in Networking, Security Products

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

ICS/OT

The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

ICS/OT

Municipal Water Authority of Aliquippa in Pennsylvania confirms that hackers took control of a booster station, but says no risk to drinking water or...

ICS/OT

Mandiant's Chief analyst urges critical infrastructure defenders to work on finding and removing traces of Volt Typhoon, a Chinese government-backed hacking team caught in...

Cybercrime

Energy giants Schneider Electric and Siemens Energy confirm being targeted by the Cl0p ransomware group in the campaign exploiting a MOVEit zero-day.

ICS/OT

Wago has patched critical vulnerabilities that can allow hackers to take complete control of its programmable logic controllers (PLCs).

ICS/OT

Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.