Cisco exploit in the wild, attacks underway

An exploit for the critical vulnerability in Cisco Systems Inc's routers has been created and is being distributed, and attacks have begun, vendors and security advisory bodies warned on Friday.

Cisco announced Thursday that it had discovered that a specially crafted series of IPv4 packets sent to its IOS router software could be used to prevent target devices from processing packets. Attacks could be targeted or indiscriminate.

At that time, no exploit was available, and Cisco had been working quietly with backbone providers for a couple of days prior to going public to get major IOS routers patched against potential attacks. IOS routers are virtually ubiquitous on the internet.

But it emerged Friday that exploit code had been posted to a publicly available mailing list just hours after the vulnerability was made public, and some observers started to see evidence of small-scale attacks.

Symantec Corp coordinates a network of 19,000 security devices that donate their logs to give an insight into global security threats. The company said mid-Friday that it had seen the exploit in use in a very small amount.

Source: Computerwire

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing