Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Cisco says hackers have been exploiting one of the most common vulnerabilities in large-scale enterprises for at least three years, prompting the US government and its allies to urge the agency to take action.
Bug, which has a a maximum vulnerability score of 10.0allows hackers to remotely penetrate networks running its Catalyst SD-WAN products, which allow large companies and government agencies with multiple offices to connect their private networks over long distances.
By exploiting this flaw in the Internet, hackers can gain the highest permissions on these devices and maintain hidden access within the victim’s network, allowing them to spy or steal data for extended periods of time.
Cisco said that after discovering the bug, its researchers followed the evidence of use until 2023. Some of the affected organizations say it is very difficult. The company did not provide specifics, but “critical infrastructure” could mean anything from power and water grids to the transportation sector.
Several governments, including Australia, Canada, New Zealand, the United Kingdom and the United States, have issued warnings warning that threats are targeting organizations “worldwide.”
The US cybersecurity agency CISA has ordered all non-governmental organizations to update their systems by the end of Friday, according to danger is imminent is an unacceptable risk to the federal government. The federal cybersecurity agency, which is it is currently running on low power because of the partial suspension of the government, he said that he was aware of the atrocities that were taking place.
Neither Cisco nor the government said the attacks were carried out by a particular group or country, if known, but they traced one group of incidents to UAT-8616.
In December, Cisco warned about a Risk equivalent of 10.0 in an Async program that uses many of its resources, which were actively used to destroy its network.
