Pierluigi Paganini August 26, 2017
Cisco IOS vulnerabilities open Rockwell Industrial Switches to attacks

Vulnerabilities in Cisco IOS expose Rockwell Allen-Bradley Stratix and ArmorStratix industrial Ethernet switches to remote attacks. Some models of the Allen-Bradley Stratix and ArmorStratix industrial Ethernet switches are exposed to remote attacks due to security flaws in Cisco’s IOS software. According to the security alert issued by ICS-CERT, an authenticated remote attacker can exploit the flaws to […]

Pierluigi Paganini July 15, 2017
CISCO issues security patches for nine serious RCEs in SNMP subsystem in IOS and IOS XE

Cisco has fixed nine serious remote code execution flaws in the SNMP subsystem running in all the releases of IOS and IOS XE software. The tech giant publicly disclosed the vulnerability on June 29 and provided workarounds, not it is notifying customers about the availability of security patches. The nine issues, that have been tracked with […]

Pierluigi Paganini June 30, 2017
Cisco IOS Software is affected by RCE flaws that could allow full hack of the devices

Experts at CISCO discovered severe remote code execution vulnerabilities in Cisco IOS Software while conducting internal testing. Cisco warned users of serious vulnerabilities in IOS software that can be exploited by authenticated, remote attackers for code execution and denial-of-service (DoS) attacks. Experts at CISCO discovered the vulnerabilities while conducting internal testing. “The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS […]

Pierluigi Paganini April 28, 2017
StringBleed SNMP Authentication Bypass affects numerous devices online

Security researchers discovered an SNMP flaw dubbed StringBleed that affects several models of Internet-connected devices. Simple Network Management Protocol (SNMP) authentication bypass affects several IoT devices, hackers could exploit the issue by simply sending random values in specific requests. The problem, dubbed StringBleed and tracked as CVE 2017-5135, was reported by the security researchers Ezequiel Fernandez and Bertin Bervis. The SNMP […]

Pierluigi Paganini May 19, 2014
SNMP issues in many devices allow disclosure of data

Researchers at Rapid7 disclosed a series of vulnerabilities in many devices that allow data disclosure from the SNMP community string. Researchers at Rapid7 have discovered problems in SNMP on embedded devices which can can cause the exposure of critical information. As explained in the official blog post during the analysis the experts discovered devices which expose information that would […]