Patch/Configuration Management, Vulnerability Management

Cisco updates advisory: “We have started publishing fixes” for NSA-linked exploits

Cisco Wednesday updated a security advisory for a remote code execution vulnerability affecting the SNMP application-layer protocol. The vulnerability was discovered after the Shadow Brokers release of exploits believed to have been used by the Equation Group loosely tied to the National Security Agency (NSA).

Omar Santos, principal engineer of Cisco's product security incident response team (PSIRT), wrote in the advisory that the SNMP vulnerability (CVE-2016-6366) is related to the ExtraBacon exploit. “We have started publishing fixes for affected versions, and will continue to publish additional fixes for supported releases as they become available in the coming days,” Santos wrote.

Last week, the company issued an advisory confirming that the BenignCertain exploit affects 6.x and earlier versions of Cisco's PIX firewall products. Fortinet and Juniper also confirmed that code leaked by Shadow Brokers contained exploits that affect their firewalls, setting off a push for a national discussion of vulnerability disclosure policy.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.