Security Experts:

Connect with us

Hi, what are you looking for?



Unpatched Flaw Plagues Cisco Industrial Switches

Cisco informed customers on Monday that the IOS software running on some of the company’s industrial switches is plagued by a denial-of-service (DoS) vulnerability.

Cisco informed customers on Monday that the IOS software running on some of the company’s industrial switches is plagued by a denial-of-service (DoS) vulnerability.

The flaw, assigned the identifier CVE-2016-1330 and a CVSS score of 6.1, affects Cisco Industrial Ethernet 2000 Series Switches running IOS Software 15.2(4)E.

The cause of the vulnerability is the way the system processes Cisco Discovery Protocol (CDP) packets. An unauthenticated attacker with access to the network can cause vulnerable devices to reload by sending them specially crafted CDP packets.

Cisco has yet to release a software update to patch the vulnerability and the company says there are no workarounds. The vendor’s product security incident response team (PSIRT) hasn’t found any evidence to suggest that the flaw has been exploited in the wild.

Another issue disclosed by Cisco on Monday is a cross-site scripting (XSS) vulnerability affecting Cisco Emergency Responder, a product designed to help emergency teams manage calls in their phone network and identify the location of 911 callers.

This medium-severity flaw (CVE-2016-1331) allows a remote, unauthenticated attacker to execute arbitrary code in the context of the vulnerable web interface and access potentially sensitive browser information. The security hole can be exploited by tricking the victim into clicking on a malicious link or by injecting malicious code into an intercepted connection.

This vulnerability, which affects Cisco Emergency Responder 11.5(0.99833.5), also remains unpatched with no workarounds available.

Earlier this month, Cisco released updates to patch critical and high impact flaws in several of its products, including Application Policy Infrastructure Controller (APIC), Nexus 9000 switches, Cisco Prime Security Manager (PRSM), and Adaptive Security Appliance (ASA) software.

Related: Cisco Launches Service to Address Shadow IT

Related: Cisco Patches Serious Flaws in Networking, Security Products

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.


Vulnerabilities in GE’s Proficy Historian product could be exploited for espionage and to cause damage and disruption in industrial environments.


A hacktivist group has made bold claims regarding an attack on an ICS device, but industry professionals have questioned their claims.

Cybersecurity Funding

Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round,...


Vulnerabilities in industrial routers made by InHand Networks could allow hackers to bypass security systems and gain access to OT networks.


Organizations using controllers made by Rockwell Automation have been informed recently about several potentially serious vulnerabilities.


Researchers have demonstrated that threat actors could obtain global private keys that protect some of Siemens’ industrial devices, and the vendor says it cannot...