A Question of Data Security

Vimal Rama Chandran

image

HLB HAMT - Accounting Firm in UAE

Phone:- +971 4 327 7775
Mobile:- +971 52 830 7998
WhatsApp:- +971 56 219 1607
Email:- dubai@hlbhamt.com

    Schedule a Consultation




    Maintaining high level of security around your business is extremely crucial since thousands of businesses are being exposed to security vulnerabilities every year.

    The security firm Embedi has recently discovered a vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software, forcing Cisco to release software updates, including three critical remote code execution security bugs. The vulnerability makes it possible for an unauthenticated, remote attacker to trigger a reload of an affected device. Only Smart Install client switches are prone to attack; whereas Cisco devices that are configured as a Smart Install director are not affected.

    “In a securely configured network, Smart Install technology participants should not be accessible through the internet. But scanning the internet has shown that this is not true,” Embedi said. “During a short scan of the internet, 250,000 vulnerable devices and 8.5 million devices that have a vulnerable port open were detected.”

    The problem affects devices running Cisco XE Software 16.x that is deployed with Cisco ASR routers and Catalyst switches. Attackers can exploit the vulnerability by logging into Cisco routers and switches with a high-privileged account.

    Devices running IOS XE 16.x bring a hidden default account named “cisco” and a static password. While default accounts are not a part of Cisco products, this appears to have been left during the testing phase of IOS XE and affects only the v16.x versions.

    Security vulnerability can lead to the following issues:

    1. Triggering a reload of the device
    2. Execution of arbitrary code on the device
    3. An indefinite loop on the affected device that triggers a watchdog crash

    According to Cisco, “the vulnerability is due to incorrect bounds checking of certain values in packets that are destined for UDP port 18999 of an affected device. An attacker could exploit this vulnerability by sending malicious packets to an affected device.”

    Identifying vulnerable areas of your business and equipping your company with the necessary tools to minimize the risk of data breach are important steps that need to be taken to enable the smooth functioning of an enterprise.

    “It takes decades to build a reputation and few minutes of cyber-incident to ruin it.”

    Technology

    Related content

    image description

    Trends that are expected to dominate the UAE Business Environment in 2023

    Over the last two years, the world has seen some significant changes, and while 2022 has been an interesting year for the global economy,

    image description

    Top Artificial Intelligence Technologies for UAE Companies

    With innovative technologies, artificial intelligence has transformed the way we live. AI has taken over every industry and is having a significant impact on every aspect of society.

    image description

    Five suggestions to get productive answers from ChatGPT

    Since it was launched last November, Chat GPT has quickly become popular among professionals for its ease of use and ability to complete projects in a matter of days.

    Get in touch

    Whatever your question our team will point you in the right direction

    Start the conversation
    Get in touch
    x
    x

    Share to:

    Copy link:

    Copied to clipboard Copy