Cisco’s Routers. Switches and IP Equipment Suffer Zero-Day Attacks! Major Vulnerabilities Discovered! – Disposable mail news

The extremely well-known Cisco’s products, including IP Phones, Routers, cameras, and switches, were determined to have several severe “zero-day” vulnerabilities by researchers in the “Cisco Discovery Protocol (CDP)”, per sources.

CDP is a proprietary “Layer 2” network protocol that is put into effect in all the Cisco devices to be privy to the mechanisms of the devices.

Reports mention that a total of five vulnerabilities were ascertained out of which, four were “Remote Code Execution” (RCE) that let hackers or any other cyber-con to manipulate every single operation of the devices without any sort of consent of the user.

According to sources, one of the vulnerabilities led to a “Denial of Service” in the Cisco FXOS, NX-OS and IOS XR software that ended up damaging the victims’ networks

By exploiting the vulnerabilities effectively, numerous organizations’ and companies’ networks were smashed, costing all the affected parties heavily.

Per legitimate sources, following is the list of all the vulnerable devices in the represented categories:

Switches
• Nexus 1000 Virtual Edge
• Nexus 1000V Switch
• Nexus 3000 Series Switches
• Network Convergence System (NCS) 1000 Series
• Network Convergence System (NCS) 5000 Series
• Network Convergence System (NCS) 540 Routers
• Network Convergence System (NCS) 5500 Series
• Network Convergence System (NCS) 560 Routers
• MDS 9000 Series Multilayer Switches
• Nexus 5500 Series Switches
• Nexus 5600 Series Switches
• Nexus 6000 Series Switches
• Nexus 7000 Series Switches
• Nexus 9000 Series Fabric Switches
• Network Convergence System (NCS) 6000 Series
• UCS 6200 Series Fabric Interconnects
• UCS 6300 Series Fabric Interconnects
• UCS 6400 Series Fabric Interconnects

IP Phones
• Unified IP Conference Phone 8831
• Wireless IP Phone 8821-EX
• Wireless IP Phone 8821
• IP Conference Phone 7832
• IP Conference Phone 8832
• IP Phone 6800 Series
• IP Phone 7800 Series
• IP Phone 8800 Series
• IP Phone 8851 Series

IP Cameras
• Video Surveillance 8000 Series IP Cameras

Routers
• IOS XRv 9000 Router
• Carrier Routing System (CRS)
• ASR 9000 Series Aggregation Services Routers
• Firepower 1000 Series
• Firepower 2100 Series
• Firepower 4100 Series
• Firepower 9300 Security Appliances
• White box routers running Cisco IOS XR

The exploitation of the other four Remote Execution vulnerabilities could be in a way that a “maliciously” fabricated “CDP Packet” could be sent on the targeted Cisco devices and have their mechanisms altered.

There’s a vulnerability that could be hunted down or traced by (CVE-2020-3119). It helps the attackers to completely override the default switch and network infrastructure settings.

One of the vulnerabilities which could be traced as (CVE-2020- 3118), could help attackers gain control of the target’s router via remote code execution and use it in any harmful way they find acceptable.

Cisco’s 800 series IP cameras were vulnerable to attackers’ remote code execution. The vulnerability could be located as (CVE-2020-3110)

According to sources, in the other Cisco “Voice over IP Phone” vulnerability, an overflow in the parsing function could be exploited to access “code execution”. This vulnerability could be traced to (CVE-2020-311).

The troubles this vulnerability could cause an organization are manifold.
Acquiring access to other devices via “man-in-the-middle” attacks.
Damaging the network’s structure
“Data Exfiltration”, ranging from network traffic to sensitive information and personal phone calls, by the help of manipulated routers and switches.

Per reports, Cisco has come up with patches and the users are directed to employ them without any further delay.
[CVE-2020-3111
CVE-2020-3118
CVE-2020-3120
CVE-2020-3110
CVE-2020-3119]


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Vulnerability found in Cisco Webex Meeting Suit- Lets unauthorized attackers join private meetings – Disposable mail news


Cisco Webex Meetings Suite, a platform that offers its customers to organize online meetings and seminars anytime anywhere, has revealed a security vulnerability that allows an unauthorized attacker to enter a password-protected meeting without the password.

The Vulnerability –
The vulnerability allows the attacker to join a meeting if they have the meeting ID or meeting URL from the mobile device browser.
Then the browser will launch the meeting on Webex mobile application, and then the unauthenticated user can join the password-protected meeting without the said browser.

“The unauthorized attendee will be visible in the attendee list of the meeting as a mobile attendee,” reads the Cisco blog post.

This makes it quite easy to track the unauthorized individual as they will be visible as a mobile attendee.

This Cisco Webex vulnerability has received a score of 7.2 out of 10 (can be tracked as CVE-2020-3142). Cisco Product Security Incident Response Team (PSIRT) said that they have not yet faced an attacker exploiting the vulnerability.

Versions with the vulnerability –

The vulnerability is seen in Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online versions earlier than 39.11.5 and 40.1.3. Though Cisco says that the Webex meeting server is unaffected with the vulnerability.

After discovering the vulnerability, Cisco has now released a new version fixing the vulnerability in versions 39.11.5 and later 40.1.3 for Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites.

“The fix applies to Cisco Webex Meetings Suite sites and Cisco Webex Meetings sites only. Customers are not required to update the Cisco Webex Meetings mobile application or the Cisco Webex Meetings desktop application.”

Cisco recently fixed 11 more bugs in Cisco Data Center Network Manager when the faults let hackers RCE, SQL Injection, and Authentication Bypass Attacks.
Cisco is expected to fix the bug soon. The users are advised to stay careful of any suspicious activity and report to the company immediately if they found any malicious activity on the platform.


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Cisco faces criticism after a hacker finds 120+ bugs in its product – Disposable mail news

A triad of severe vulnerabilities in Cisco DCNM (Data Center Network Manager) stock allows hackers to remotely sidestep the verification and invade into companies’ servers, the reason being a few safety failures that include hard-coded creds.

The 3 vulnerabilities were in the huge 120 vulnerabilities list in the stock discovered by the hacker Steven Seeley, who currently works for Source Incite. It was Steven who informed the company about the issue through a glitch hunt program called Zero Day Initiative, by Trend Micro. 

In an interview with Computer Business Review, he Australian cybersecurity specialist/hacker said that “the group of 3 vulnerabilities are the most dangerous among the 120 vulnerabilities, and if the hackers get a hand of it, they can exploit it using execution as root through remote code. It is as simple as that.”

Simon further says that by exploiting these vulnerabilities, the hacker could easily gain access to almost anything like personal information, credentials, and passwords.

“I was rejected by the company Cisco after 8 interviews,” said Simon on Twitter.

In response to the situation, Cisco has urged its users to update their systems and software, as to stay safe from the bugs. Earlier this week the company said, “we have repaired the vulnerabilities in and users are requested to immediately update the software.”

Unfortunately, the readers of Computer Business Review are well aware that not all the products were built to be the same when it comes to patch management, the issue being that most of the critical bugs are neglected by the company.

In a conversation with Computer Business Review, Simon said that he will release the source codes this coming week. He mentioned that the vulnerabilities were very minor to exploit, but it did consume mind-boggling research to find the bugs in the starting phase. “The research consumed a whole month along with reviewing the code origin and debugging the run-time.”

Cisco says the trio of the vulnerabilities is not dependent on each other. A single vulnerability itself is capable of the exploit, let alone the trio. Cisco has released the latest security patch on its website. The users who have still not updated it can install it from the ‘download center’ on the website.


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.