Cisco updates advisory: "We have started publishing fixes" for NSA-linked exploits

Cisco updated a security advisory for a remote code execution vulnerability affecting the SNMP application-layer protocol.
Cisco updated a security advisory for a remote code execution vulnerability affecting the SNMP application-layer protocol.

Cisco Wednesday updated a security advisory for a remote code execution vulnerability affecting the SNMP application-layer protocol. The vulnerability was discovered after the Shadow Brokers release of exploits believed to have been used by the Equation Group loosely tied to the National Security Agency (NSA).

Omar Santos, principal engineer of Cisco's product security incident response team (PSIRT), wrote in the advisory that the SNMP vulnerability (CVE-2016-6366) is related to the ExtraBacon exploit. “We have started publishing fixes for affected versions, and will continue to publish additional fixes for supported releases as they become available in the coming days,” Santos wrote.

Last week, the company issued an advisory confirming that the BenignCertain exploit affects 6.x and earlier versions of Cisco's PIX firewall products. Fortinet and Juniper also confirmed that code leaked by Shadow Brokers contained exploits that affect their firewalls, setting off a push for a national discussion of vulnerability disclosure policy.
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS