SoylentNews
SoylentNews is people
https://soylentnews.org/

Title    That Mega-Vulnerability Cisco Dropped is Now Under Exploit
Date    Monday February 12 2018, @07:29PM
Author    Fnord666
Topic   
from the patch-day-is-every-day dept.
https://soylentnews.org/article.pl?sid=18/02/12/1231211

MrPlow writes:

Submitted via IRC for Bytram

Hackers are actively trying to exploit a high-severity vulnerability in widely used Cisco networking software that can give complete control over protected networks and access to all traffic passing over them, the company has warned.

When Cisco officials disclosed the bug last week in a range of Adaptive Security Appliance products, they said they had no evidence anyone was actively exploiting it. Earlier this week, the officials updated their advisory to indicate that was no longer the case.

"The Cisco Product Security Incident Response Team (PSIRT) is aware of public knowledge of the vulnerability that is described in this advisory," the officials wrote. "Cisco PSIRT is aware of attempted malicious use of the vulnerability described in this advisory."

The update didn't say how widespread the attacks are, whether any of them are succeeding, or who is carrying them out. On Twitter on Thursday, Craig Williams, a Cisco researcher and director of outreach for Cisco's Talos security team, wrote of the vulnerability: "This is not a drill..Patch immediately. Exploitation, albeit lame DoS so far, has been observed in the field."

Source: https://arstechnica.com/information-technology/2018/02/that-mega-vulnerability-cisco-dropped-is-now-under-exploit/


Original Submission

Links

  1. "MrPlow" - https://soylentnews.org/~MrPlow/
  2. "high-severity vulnerability in widely used Cisco networking software" - https://arstechnica.com/information-technology/2018/01/cisco-drops-a-mega-vulnerability-alert-for-vpn-devices/
  3. "updated their advisory" - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1
  4. "Original Submission" - https://soylentnews.org/submit.pl?op=viewsub&subid=24805

© Copyright 2024 - SoylentNews, All Rights Reserved

printed from SoylentNews, That Mega-Vulnerability Cisco Dropped is Now Under Exploit on 2024-03-28 16:51:18