Cisco Industrial Switch Flaw Unpatched

Monday, February 22, 2016 @ 04:02 PM gHale

Cisco’s IOS software running on some industrial switches suffers from a denial-of-service (DoS) vulnerability.

The flaw affects Cisco Industrial Ethernet 2000 Series Switches running IOS Software 15.2(4)E.


The cause of the vulnerability is the way the system processes Cisco Discovery Protocol (CDP) packets. An unauthenticated attacker with access to the network can cause vulnerable devices to reload by sending them specially crafted CDP packets.

The vulnerability is tracked as CVE-2016-1330 and has a CVSS score of 6.1.

Cisco is working on an update, and right now there are no workarounds. The vendor’s product security incident response team (PSIRT) has not found any exploitation of the vulnerability.

In addition to that vulnerability, Cisco found a cross-site scripting (XSS) vulnerability in Cisco Emergency Responder, which helps emergency teams manage calls in their phone network and identify the location of 911 callers.

The issue allows a remote, unauthenticated attacker to execute arbitrary code in the context of the vulnerable web interface and access potentially sensitive browser information. An attacker can exploit the security hole by tricking the victim into clicking on a malicious link or by injecting malicious code into an intercepted connection.

This vulnerability, which affects Cisco Emergency Responder 11.5(0.99833.5), also remains unpatched with no workarounds available.