BOLO

Patch Now: Cisco Zero-Day Under Fire From Chinese APT
By Elizabeth Montalbano; 2 July 2024

Cisco has patched a command-line injection flaw in a network management platform used to manage switches in data centers, which, according to researchers from Sygnia, already has been exploited by the China-backed threat group known as Velvet Ant.

The bug (CVE-2024-20399, CVSS 6.0) can allow authenticated attackers to execute arbitrary commands as root on the underlying operating system of an affected device. It's found in the command line interface (CLI) of Cisco NX-OS Software, which allows data center operations managers to troubleshoot and perform maintenance operations on NX-OS-enabled devices, which use the Linux kernel at their core.

"This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands," according to Cisco's advisory on the flaw. "An attacker could exploit this vulnerability by including crafted input as the argument of an affected configuration CLI command."

https://lnkd.in/ewGUhVep
Todd Boudreau’s Post
-
If you needed “wireless equivalency” for wired networks to provide equivalent confidentiality and integrity (wireless networks had full encryption mechanisms to provide the confidentiality and integrity of data traversing the Layer 2 hop from the endpoint into the network infrastructure, in addition to the strong identity capabilities of 802.1X), how could we achieve it? Should we use IPsec on every endpoint to every other endpoint, encrypting the entire communication from end to end? If we did that, how would we provide strong levels of QoS since we would not be able to see the content of a packet? We would be simply encrypting both good and bad traffic across the network if we used end-to-end IPsec.

The solution is using IEEE 802.1AE, also known as MACsec. MACsec provides Layer 2 encryption on a LAN between endpoints and the switch as well as between switches. MACsec has two methods of operation:

--> Downlink MACsec. This term is used to describe the encrypted link between an endpoint (requires the host to perform 802.1X authentication) and a switch. Windows Native Supplicant does not support MACsec but Cisco AnyConnect NAM does.
--> Uplink MACsec. This term is used to describe encryption of the link between switches with

If you have implemented Cisco ISE in your network, you can use its dynamic authorization policies to force MACsec centrally.

Cisco recently produced a session for implementing MACsec in NX-OS based platforms. If you are interested, you can access the recorded session at: https://lnkd.in/eZ_RDiTV

If you are interested in how to configure MACsec in Catalyst switches, see the link below: https://lnkd.in/eqtPywB2
-
⭐⭐Understanding the Flaw: How the Cisco Catalyst SD-WAN Manager Can be Accessed Remotely ⭐⭐ #Cisco #sdwan #vulnerability #Networking #networks #networkengineers #ccna #ccnp #ccie https://lnkd.in/gZXjt6Pk
thenetworkdna.com
-
ASUS warns of critical remote authentication bypass on 7 routers - For those unable to update the firmware immediately, the vendor suggests they ensure their account and WiFi passwords are strong (over 10 non-consecutive characters long). Moreover, it is recommended to disable internet access to the admin panel, remote access from WAN, port forwarding, DDNS, VPN server, DMZ, and port trigger. https://lnkd.in/gNz6Yprf
bleepingcomputer.com
-
Running Cisco routers or switches? Might want to take a look, active exploits taking place. Management interfaces should never be publicly available, and that includes web-based management interfaces. #securityawareness #cyberawareness #simply_security https://lnkd.in/esdzJfyE
Active exploitation of Cisco IOS XE Software Web Management User Interface vulnerabilities
blog.talosintelligence.com
-
The Cisco CVE-2023-20198 really comes down to them leaving Web Services Management Agent allowed to take commands globally instead of just webui_internal. I hope they are doing some deep code audits because there are probably more places where that exists in their code base. The bigger issue is people not locking down management interfaces. #cisco #networkengineer #security https://lnkd.in/gweqTWPb
Cisco IOS XE CVE-2023-20198: Deep Dive and POC
https://www.horizon3.ai
-
Ever wondered how to quickly update the connector version on your Cisco endpoints via Cisco Secure Endpoints? Read this blog to find out how!! https://hubs.li/Q027Xd0d0
Updating Cisco Security Endpoints Version
lookingpoint.com
-
Excellent article! This is actually an interview question that I use frequently: “Can you tell me what DHCP stands for, and what does it do?” Most candidates get it right, but I’m looking for how quickly and confidently the question can be answered.
The DHCP service leases IP address configurations to client devices, ensuring accurate settings with as little administrative effort as possible. Learn more: https://lnkd.in/gCpEpn7r #computernetworks #itskills
What is DHCP (Dynamic Host Configuration Protocol)?
comptia.org
-
What is a VLAN (virtual LAN)?

A virtual LAN (VLAN) is a logical overlay network that groups together a subset of devices that share a physical LAN, isolating the traffic for each group.

A LAN is a group of computers or other devices in the same place, the same building or campus, that share the same physical network. A LAN is usually associated with an Ethernet (Layer 2) broadcast domain, which is the set of network devices an Ethernet broadcast packet can reach.

Computers on the LAN connect to the same network switch, either directly or through wireless access points (APs) connected to the same switch. Computers can also connect to one of a set of interconnected switches, such as a set of access switches that all connect up to a backbone switch. Once traffic crosses a router and engages Layer 3 (IP-related) functions, it is not considered to be on the same LAN, even if everything stays in the same building or floor. As a result, a location could have many interconnected LANs.

The purpose of a VLAN:
- to improve performance.
- to tighten security.
- to ease administration.

Types of VLANs

Port-based or static VLAN: Network engineers create port-based VLANs by assigning ports on a network switch to a VLAN. Those ports only communicate on the assigned VLANs.

Use-based or dynamic VLAN: Network engineers create use-based VLANs by assigning traffic to a VLAN dynamically, based on the traffic type or the device creating the traffic.

#networkengineer #ccna #cisco #networking #ccnp #network #ccie #cybersecurity #datacenter #technology #networksecurity #tech #networkadmin #ciscocert #it #router #switch #telecom #security #informationtechnology #ciscocertification #cloudcomputing #linux #mikrotik #juniper #internet #server #engineer #itcertification #computernetworks