15. 6. 2016

Aliter Technologies Discovers Vulnerability on APIC Devices of CISCO

A company´s Security Researcher, during the security audit of devices delivered by the company, disclosed an unknown vulnerability on APIC devices of CISCO Company.

The vulnerability is due to the use of incorrect installation and permission settings for binary files during installation of the system software on a device. A successful exploit could allow the attacker to gain root- level privileges and take full control of the device. CISCO is not aware of any public announcements or malicious use of the vulnerability. The Cisco Product Security Incident Response Team (PSIRT), after being notified by company Aliter Technologies, released software updates that address this vulnerability. The vulnerability was present on all previous versions of SDN controllers.