Cisco flaws highest priority for firms

Vulnerabilities in the software that runs Cisco's routers and switches could allow attackers to disrupt computer networks, security experts warned last week.

  • E-Mail
By  Administrator Published  February 1, 2007

The flaws affect Cisco's Internetwork Operating System (IOS) and could be exploited to crash systems or take remote control of them, the networking giant warned last week.

Analyst firm Gartner said that Cisco's dominance in the enterprise networking space made the flaws "a critical security issue", warning that administrators need to make them the "highest priority".

While the firm said in its online advisory that it could not confirm reports claiming active exploits for the vulnerabilities were already in circulation, nonetheless "enterprises must address these vulnerabilities immediately, because the impact of an attacker (whether inside or outside the enterprise) taking control of any device running IOS could be devastating".

The flaws could allow an attacker to seize control of a device and redirect traffic, or launch a denial-of-service attack to take a router or switch offline, disrupting any traffic it is handling.

As Cisco's hardware makes up a large portion of the internet's infrastructure, the US Computer Emergency Readiness Team (US-Cert) is warning users that the secondary impact of such attacks could be particularly severe.

Cisco has software updates available for the flaws, it said in the alert, including workarounds to mitigate the extent of the problem. Gartner is urging users to identify any vulnerable systems and install the updates immediately.

Flaws affect Cisco’s Internetwork OS Gartner described flaws as “a critical security issue”. Security updates are available from Cisco

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code