Cisco Industrial Ethernet 3000 Series switches have hardcoded SNMP community strings
D-SWAT

  A security issue has been identified in Cisco Industrial Ethernet 3000, which can be exploited by malicious people to potentially compromise a vulnerable device.

  "Cisco Industrial Ethernet 3000 (IE 3000) Series switches running Cisco IOS Software releases 12.2(52)SE or 12.2(52)SE1, contain well-known, hard-coded read and write SNMP community strings (names). The hard-coded strings are restored to the running configuration after a device reload. The SNMP service is disabled by default," US-CERT stated in an advisory.

  Successful exploitation of the vulnerability could result in an attacker obtaining full control of the device.


Solution:

Until updates are available, users are encouraged to use the workarounds below:

    1. Upgrade
        According to Cisco Security Advisory cisco-sa-20100707-snmp, the first fixed IOS release is 12.2(55)SE, currently scheduled to be available August 2010.

    2. Disable default SNMP community strings
        Cisco Security Advisory cisco-sa-20100707-snmp provides detailed information about workarounds and mitigation techniques, including manually and automatically removing SNMP community strings.
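
Because the hard-coded strings return to the running configuration after a reload, a removal has to be re-checked after every reload. The following is an added example, not taken from the Cisco or US-CERT advisories: it compares the snmp-server community lines saved before a reload with those seen afterwards and checks the release string. The community names EXAMPLE-RO and EXAMPLE-RW, the hostname, the sample output and the function names are constructed placeholders.

```python
import re

# Affected releases, as listed in the advisory text above.
AFFECTED_RELEASES = {"12.2(52)SE", "12.2(52)SE1"}

# IOS syntax: snmp-server community <string> [view <name>] [RO | RW] [<acl>]
COMMUNITY_RE = re.compile(
    r"^snmp-server community (?P<name>\S+)(?: view \S+)?"
    r"(?: (?P<mode>RO|RW))?(?: (?P<acl>\S+))?[ \t]*$",
    re.IGNORECASE | re.MULTILINE)
VERSION_RE = re.compile(r"Version (\d+\.\d+\([^)]+\)\w*)")

def parse_communities(config_text):
    """Map each community name to its access mode and ACL (None if absent)."""
    return {m["name"]: {"mode": (m["mode"] or "RO").upper(),  # IOS default is RO
                        "acl": m["acl"]}
            for m in COMMUNITY_RE.finditer(config_text)}

def audit(show_version, config_before_reload, running_after_reload):
    """Compare community strings across a reload and flag risky entries."""
    m = VERSION_RE.search(show_version)
    release = m.group(1) if m else None
    before = parse_communities(config_before_reload)
    after = parse_communities(running_after_reload)
    return {
        "release": release,
        "affected_release": release in AFFECTED_RELEASES,
        # Names present after the reload that the operator had not configured.
        "restored_after_reload": sorted(set(after) - set(before)),
        "rw_without_acl": sorted(n for n, c in after.items()
                                 if c["mode"] == "RW" and c["acl"] is None),
    }

# Constructed sample data; EXAMPLE-RO / EXAMPLE-RW are placeholders, not the
# real hard-coded names, which this page does not list.
SHOW_VERSION = "Cisco IOS Software, Version 12.2(52)SE1, RELEASE SOFTWARE"
BEFORE = "hostname ie3000-lab\nsnmp-server community site-monitoring RO 10\n"
AFTER = BEFORE + ("snmp-server community EXAMPLE-RO RO\n"
                  "snmp-server community EXAMPLE-RW RW\n")

if __name__ == "__main__":
    for key, value in audit(SHOW_VERSION, BEFORE, AFTER).items():
        print(f"{key}: {value}")
```

Any name reported under restored_after_reload on an affected release means the removal did not survive the reload and has to be applied again.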


References:

  http://www.cisco.com/warp/public/707/cisco-sa-20100707-snmp.shtml
  http://www.kb.cert.org/vuls/id/732671



Information provided by DrayTek Corp.


About DrayTek

DrayTek Corp., founded in 1997, is a global provider of comprehensive network security, remote access and VoIP solutions for residential/small office and Small and Medium Enterprise (SME) use. To meet the needs of customers for quality and cost-effectiveness, DrayTek, with technologies integrated with real-time Anti-Virus/Anti-Intrusion system, VPN, VoIP and xDSL broadband access, has successfully delivered total network protection worldwide. For more information, please visit the company's website at http://www.draytek.com.

Press Contact:
DrayTek Marketing Dept.
press@draytek.com