Published in Network

Cisco backdoor patched. Huawei the lads!

by on03 May 2019

Sorry, China - not you. It is Cisco

US Cisco networking giant Cisco patched a security vulnerability in some of its network switches that could take over IT equipment and spy on people.

The announcement comes after the US press dredged up a similar vulnerability found in Huawei gear from years ago - which was also fixed - as part of American pressure against the Chinese networking giant.

For those who came in late, the US government claims that Huawei is a tool of the Chinese government to spy on the West. Huawei has always denied it and the US has never released any proof.

So if the recent ancient accusation against Huawei is enough to kick the outfit out of western networks, this flaw from Cisco must be enough to prove that the US government is using the outfit to spy on the East.  It is bollocks of course, all gear has security flaws regardless of the flag it flies.

US tech giant Cisco has issued a free fix for software running on its Nexus 9000 series machines that can be exploited to log in as root and hijack the device for further mischief and eavesdropping. A miscreant just needs to be able to reach the vulnerable box via IPv6. It's due to a default SSH key pair hardcoded into the software.

Cisco said that the vulnerability was found in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user.

The vulnerability is due to the presence of a default SSH key pair that is present in all devices. An attacker could exploit this vulnerability by opening an SSH connection via IPv6 to a targeted device using the extracted key materials. An exploit could allow the attacker to access the system with the privileges of the root user.

It was discovered and reported by Oliver Matula of ERNW Enno Rey Netzwerke in cooperation with ERNW Research and was released as one of 40 security patches Cisco released.

Last modified on 03 May 2019
Rate this item
(5 votes)

Read more about: