Tuesday, September 10, 2024
Home Cyber Attack Cisco server hacked by exploiting SaltStack Vulnerabilities.

Cisco server hacked by exploiting SaltStack Vulnerabilities.

Let’s see what we found recently: the attacker vulnerable the Cisco Server and devices number of times by using the Cisco Virtual Internet Routing Lab Personal Edition(VIRL-PE) platform. This service allows all the users to create and build their network topologies without installing the device which helps to test the network virtually.

The cyber attackers have exploited the critical vulnerabilities in the SaltStack which is an open-source framework.

This is mainly used for the implementation of data center systems and it’s automatic services.

From Cisco, it was also mentioned that the Cisco Modeling Labs Corporate Edition (CML) is also vulnerable to attacks that is because it has the same version of Saltstack and that helps to run the vulnerable Salt Master installation.

The information we gather is “CML basically used by the user to simulate Cisco Devices and third-party devices. The VIRAL-PE that helps users to create infra and test the virtual networks in a development and test the environment easily.”

Cisco Product Vulnerable 

There is mainly two product which is affected by the vulnerabilities :

  • Cisco Virtual Internet Routing Lab Personal Edition(VIRl-PE)
  • Cisco Modeling Labs Corporate Edition (CML)

The main Server Compromised

From the report of the company the Attacker can manage to compromise six infrastructure to take control :

  • us-1.virl.info
  • us-2.virl.info
  • us-3.virl.info
  • us-4.virl.info
  • vsm-us-1.virl.info
  • vsm-us-2.virl.info

We Got an image from the news that shows a device where the salt-master service is enabled :

Cisco server hacked by exploiting SaltStack Vulnerabilities.
Cisco server hacked by exploiting SaltStack Vulnerabilities.

Where Cisco lacks in security :

The vulnerabilities that can bypass the authentication as CVE-2020-11651 and a directory traversal that is identified as CVE-2020-11652.

The above two is the flaws can allow the attackers to gain the authority to access the entire file system of the servers that are configured in SaltStack,

CVE-2020-11651: Bypass authentication Vulnerable
CVE-2020-11652: Traversal Directory Vulnerable 

On May 7, 2020, Cisco updated the compromised server and check all the vulnerabilities which can be fixed by the patch like the authentication bypass vulnerabilities(CVE-2020-11651) and the directory traversal vulnerabilities (CVE-2020-11652) that mainly affect the Saltstack severs.

After that Cisco released two essential updates for the VIRL-PE services and that was related to the product Cisco Modeling Labs Corporate Edition. The Security experts claimed that the security flaws on any version of services before the updates.

The SaltStack we mainly meant to observe and help to update the servers with their automatic process with the help of a remote execution engine it also allows us to run commands on multiple systems by utilizing the master node that applies changes to target the servers.

Cisco is not only companies that are attacked by cybercriminals by using these vulnerable, but earlier the attackers have also attacked other popular companies as well using the security flaws.

 

Bipin Choudharyhttps://vednam.com
Bipin has been a passionate blogger for several years. He is a Cyber Security Enthusiast, Security Blogger, Technical Writer. He is always eager to know everything about the latest technology development and advancement. Author @ Vednam

6 COMMENTS

  1. Your comment is awaiting moderation

    The therapists, acid, [URL=https://coastal-ims.com/drug/propecia/ – propecia[/URL – [URL=https://castleffrench.com/pill/zithromax/ – purchase zithromax without a prescription[/URL – [URL=https://the7upexperience.com/ventolin/ – ventolin[/URL – [URL=https://treystarksracing.com/lasix/ – lasix[/URL – [URL=https://treystarksracing.com/item/nizagara/ – nizagara[/URL – [URL=https://myhealthincheck.com/drugs/lasix-100mg/ – lasix 40 mg at canadian[/URL – [URL=https://pureelegance-decor.com/buy-generic-levitra/ – buy generic levitra[/URL – [URL=https://flowerpopular.com/drug/lasix/ – lasix[/URL – [URL=https://downtowndrugofhillsboro.com/pill/vpxl/ – vpxl pills[/URL – [URL=https://alliedentinc.com/doxycycline/ – purchase doxycycline[/URL – [URL=https://sjsbrookfield.org/tadalafil-cheap/ – tadalafil cheap[/URL – [URL=https://glenwoodwine.com/pill/aurogra/ – aurogra prix en pharmacie[/URL – cheap aurogra pills [URL=https://beauviva.com/product/hydroxychloroquine/ – hydroxychloroquine[/URL – [URL=https://sjsbrookfield.org/item/nizagara-50mg/ – nizagara[/URL – [URL=https://eatliveandlove.com/generic-cialis/ – cialis.com lowest price[/URL – [URL=https://1488familymedicinegroup.com/product/celebrex/ – celebrex 200mg[/URL – celebrex [URL=https://carolinahealthclub.com/cytotec/ – cytotec 100mcg[/URL – [URL=https://castleffrench.com/pill/lasix/ – lasix 40mg[/URL – [URL=https://darlenesgiftshop.com/pill/cialis/ – cialis online[/URL – [URL=https://jomsabah.com/item/tadalafil/ – tadalafil on prescription uk[/URL – [URL=https://rdasatx.com/nizagara/ – over night nizagara[/URL – nizagara pills [URL=https://greaterparsippanyrewards.com/lyrica/ – lyrica[/URL – [URL=https://alliedentinc.com/product/amoxicillin/ – buy 1000mg amoxil from india[/URL – [URL=https://pureelegance-decor.com/asthalin/ – salbutamol[/URL – [URL=https://flowerpopular.com/drugs/cipro/ – cipro.com[/URL – [URL=https://mnsmiles.com/kamagra/ – kamagra[/URL – kamagra [URL=https://markssmokeshop.com/cialis/ – cialis cost[/URL – [URL=https://dam-photo.com/sildenafil/ – sildenafil[/URL – [URL=https://otherbrotherdarryls.com/finasteride-canadian-pharmacy/ – online generic finasteride[/URL – [URL=https://pureelegance-decor.com/www-cialis-com/ – cialis 2.5 without prescriptions[/URL – doctor-dependency, hepatitic contributing finasteride massotherapy cuanto cuesta el zithromax de 100 ventolin 100mcg lasix lasix nizagara 100mg brand name lasix overnigh levitra without a doctor lowest price for lasix generic for vpxl doxycycline no prescription tadalafil canadian pharmacy aurogra quick hydroxychloroquine nizagara 25mg france nizagara cialis without prescription celecoxib cytotec online uk lasix price tadalafil tadalafil nizagara pills low cost lyrica canadian amoxicillin asthalin cipro kamagra cialis 5mg buy sildenafil finasteride tadalafil head, integument impulsive https://coastal-ims.com/drug/propecia/ https://castleffrench.com/pill/zithromax/ https://the7upexperience.com/ventolin/ https://treystarksracing.com/lasix/ https://treystarksracing.com/item/nizagara/ https://myhealthincheck.com/drugs/lasix-100mg/ https://pureelegance-decor.com/buy-generic-levitra/ levitra https://flowerpopular.com/drug/lasix/ lasix https://downtowndrugofhillsboro.com/pill/vpxl/ https://alliedentinc.com/doxycycline/ https://sjsbrookfield.org/tadalafil-cheap/ https://glenwoodwine.com/pill/aurogra/ https://beauviva.com/product/hydroxychloroquine/ https://sjsbrookfield.org/item/nizagara-50mg/ https://eatliveandlove.com/generic-cialis/ https://1488familymedicinegroup.com/product/celebrex/ https://carolinahealthclub.com/cytotec/ https://castleffrench.com/pill/lasix/ purchase lasix without a prescription https://darlenesgiftshop.com/pill/cialis/ https://jomsabah.com/item/tadalafil/ https://rdasatx.com/nizagara/ https://greaterparsippanyrewards.com/lyrica/ https://alliedentinc.com/product/amoxicillin/ https://pureelegance-decor.com/asthalin/ https://flowerpopular.com/drugs/cipro/ https://mnsmiles.com/kamagra/ https://markssmokeshop.com/cialis/ https://dam-photo.com/sildenafil/ https://otherbrotherdarryls.com/finasteride-canadian-pharmacy/ https://pureelegance-decor.com/www-cialis-com/ posture, nasally.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular

7 Best Free Ethical Hacking Courses Online

  Ethical hacking is the practice of identifying vulnerabilities in computer systems and networks, using the same techniques and tools as malicious hackers. Ethical hackers,...

How does AuKill malware work?

AuKill Malware Actively Used to Disable EDR in Ongoing Attacks The cybersecurity landscape is constantly evolving, and attackers are always finding new ways to breach...

What is Black box hacking ? How Does it works ?

  Black box hacking refers to the process of testing a system, network or application for vulnerabilities without having any prior knowledge of its internal...

What is Penetration testing ? How does it works ?

  Penetration testing, or PenTesting for short, is a critical part of any comprehensive cybersecurity program. It involves testing the security of computer systems, networks,...

Recent Comments