The vulnerability was announced this week by Cisco affecting the IOS, IOS XR and IOS XE software’s that powers many networking devices. This exploit can lead the exposure of sensitive information from targeted network or victim. This security flaw allow hackers to fetch the content’s from a device memory.
Cisco itself discovered the vulnerability internally after analyzing the exploit for Cisco PIX firewalls that was reviled by hacking outfit called Shadow Brokers. The exploit was part of a larger set of attack tools that Shadow Brokers claimed are being used by a cyberespionage group known in the security industry as the Equation, believed to be linked to the NSA.
Cisco released detection signatures for instrusion prevention system that could be used to protect networks from various attacks. Many affected IOS, IOS XR and IOS XE releases didn’t have any fixed versions yet.
There’s an organization called Shadowserver Foundation, an organization that tracks cybercrime, botnets has started an internet-wide scan to find all affected Cisco devices which are vulnerable to this exploit and reporting them to their owners.
Which countries are affected the most?
- United States 255,606
- Russia 42,281
- United Kingdom 42,138
The theses are the completing top 10, Canada, Germany, Japan, Maxico, France, Australia and china.
How Shadowserver Scanning for vulnerable devices?
The run a scan which last for two and half hours on Wednesday, finding devices with more then 840,681 IP Addresses that found vulnerable to NSA exploit.