Critical Vulnerability Across 18+ Network Switch Vendors: Cisco, Netgear, More

By John Scanlan, Published Aug 26, 2019, 10:36am EDT (Info+)

Cisco, Netgear and more than a dozen other brands, including small Asian ones, have been found to share the same critical vulnerability, discovered by prolific researcher bashis.

Most importantly, it shows supply chain risks with so many sharing the same fundamental software/hardware.

Inside, we report details on:

Vulnerability overview
Realtek response
Which manufacturers are affected
Why so many companies are vulnerable
Impact on the security industry
Supply chain risks

Those interested in cybersecurity within our industry should see our Cybersecurity Vulnerability Directory.

Executive *******

Realtek Switch Controller

******* ************* *** *** *** **** central ********* - ***************** ****** ********** *******. **** ******** core ******** **** **** ****** *** which **** ** *** ******* ****** were **** ** ****** **** *************.

*********************

***** ****** **** *** ******** ******* SDK ****** ** ***** ********.

***** *** ******* *************** ** *** SDK ********* ***** ********* ***** *********** remote **** *********, *** ** *** proof ** *******, ****** ** **** to *** *** ****** ***** ***** access ** ***********.

No *** **** *******

**** **** ***********, ** * ******, Realtek ******* ** ******** *** *** for ****, ********* ******'* ******:

*************, ** ** ***, ***** *** initial ******** ** ***** ****, ** weren’t **** ** ******* *** ********* response **** ******* ********* ***** ******.

Manufacturers ********

******** ** ************ *** ********* ****** *************:

Switch Manufacturers Affected by Vulnerable SDK

**** * ******** ** **** ************'* products *** ******** ***** ** ** based ** *** *** ** *** specific ******* ****. *** *******, *********, **** *** *** ******, **** ***** ***** ******** ****, is **********. ** ********, *** ***** 300 ****** ******** **** ** *** nor *** *****'* ********** ********.

*** ************* ** *** ******* ** the ****** ************* *****. ****** **** us **** *** ************* *** **** proven ** ** ******* *** ***** are ***** ******* ** ***********, ** well ** ****** **** **** ***** are **** ***** *** ***, *** not *** **********.

Surveillance ******** ********

*********** ******* ************ ***** *** ** *** ******** companies, ***** *** *******, *** *** choices *** ***** ************ ******* ********.

Updated ****** ********

********* **** ******** ********* ****** ****** firmware, ** ** ** *********. *****, Netgear, *** ***** ************* **** ******* firmware ****** *** *************. ***** *** links ** *** ******* ******** *** the *** ******* *************:

***** *** **** ********:*****-**,*****-***,*****-**,*****-***,*****-**,*****-***,*****-**,*****-****,*****-**,*****-***,**-***-**

******* ****** ********:****** ******* **** ******,*********,**********,*********,********,*********,**********,*********,********

Supply ***** *****

**** **** ****** *** ********* ***** were ** ***** * ***** ************* without ******* ********, ********* ** ****.

*** **** ** *** ************* ******* a *********** ****, *** **** **** it *** ** ****** *********** *** so **** ** *** *** ******* brands ** *** **, *********** *** challenges *** ******* ** ********* ******** devices ** *** ***** **** ******* in **** ******** **********.

Comments (12)

Undisclosed #1

08/26/19 03:44pm

Is there a CVE ranking for this?

I assume it would require LAN access to exploit any of the vulnerabilities, particularly since switches are usually not setup for remote management individually.

Agree: 1

Disagree

Informative

Unhelpful

Funny

bashis mcw

In reply to Undisclosed #1 | 08/26/19 07:32pm

Unfortunately I can prove more than 30k vulnerable devices on the internet as of today...

Cisco ranking 9.8 of the most critical

Cisco Small Business 220 Series Smart Switches Remote Code Execution Vulnerabilities

9.1 for the second

Cisco Small Business 220 Series Smart Switches Authentication Bypass Vulnerability

And 7.2 for the third

Cisco Small Business 220 Series Smart Switches Command Injection Vulnerability

Agree

Disagree

Informative: 5

Unhelpful

Funny: 1

Bas Poiesz

In reply to bashis mcw | 08/27/19 08:54am

With these numbers of proven vulnerabilities it seems fit to ban these items from government installs, oh wait it's not chinese.

Agree

Disagree

Informative

Unhelpful: 1

Funny

Undisclosed #1

In reply to Bas Poiesz | 08/27/19 09:32am

oh wait it's not chinese

You need to read the article more thoroughly. The vulnerabilities are traced back to a Realtek chip and SDK. Realtek is a Chinese company.

Agree: 1

Disagree

Informative

Unhelpful

Funny: 1

Bas Poiesz

In reply to Undisclosed #1 | 08/27/19 11:26am

I read the realtek involvement. My point was that Huawei is about to be under ban for, among other reasons, a national security threat.

It's ironic to me that a large player like Cisco has so many proven vulnerabilities and is not a national security threat.

Agree

Disagree

Informative

Unhelpful

Funny

John Honovich

IPVM | In reply to Undisclosed #1 | 08/27/19 11:26am

Realtek is a Chinese company

Realtek is from Taiwan, the RoC, not China, the PRC.

Agree: 1

Disagree

Informative: 2

Unhelpful

Funny

Bas Poiesz

In reply to John Honovich | 08/27/19 11:40am

I stand corrected. You are right, it's not PRC.

Still, with this many vulnerabilities it deserves some serious scrutiny don't you think?It's a broadly used and accepted brand, also in CCTV.

Or does it being a US company make it safe?

Agree

Disagree

Informative

Unhelpful: 1

Funny

Undisclosed #1

In reply to John Honovich | 08/27/19 11:46am

Realtek is headquartered in Taiwan, but their network chips and related software all seem to originate from a China facility.

Agree

Disagree

Informative: 1

Unhelpful

Funny

Jonathan Strauss

In reply to Bas Poiesz | 08/27/19 02:48pm

Most of these vulnerabilities look like they are coming via the Web UI which should be disabled to begin with.

Agree

Disagree

Informative

Unhelpful

Funny

Undisclosed #3

IPVMU Certified | In reply to Undisclosed #1 | 08/26/19 08:59pm

I assume it would require LAN access to exploit any of the vulnerabilities, particularly since switches are usually not setup for remote management individually.

that would have been my guess also, but...

This vulnerability affects Cisco Small Business 220 Series Smart Switches running firmware versions prior to 1.1.4.4 with the web management interface enabled. The web management interface is enabled via both HTTP and HTTPS by default.

Agree

Disagree

Informative

Unhelpful

Funny

Undisclosed Manufacturer #2

08/26/19 04:35pm

Two comments:

1. Interesting that the second largest category is Other. Is there a few brands that make up that number?

2. You should contact Kevin Coleman: https://www.linkedin.com/in/kgcoleman/. He's been pushing for over a decade that all the switches (eg Cisco made in FoxConn) have been coming over with some kind of malware. Kevin was one of the original founders of Netscape.

Agree

Disagree

Informative: 1

Unhelpful

Funny

Undisclosed #4

08/27/19 03:49pm

Agree: 1

Disagree

Informative

Unhelpful

Funny: 2

Login to read this IPVM report.

Why do I need to log in?

IPVM conducts reporting, tutorials and software funded by subscriber's payments enabling us to offer the most independent, accurate and in-depth information.

Critical Vulnerability Across 18+ Network Switch Vendors: Cisco, Netgear, More

Comments (12)

Undisclosed #1

bashis mcw

Bas Poiesz

Undisclosed #1

Bas Poiesz

John Honovich

Bas Poiesz

Undisclosed #1

Jonathan Strauss

Undisclosed #3

Undisclosed Manufacturer #2

Undisclosed #4

Login to read this IPVM report.

Subscriber Login

Loading Related Reports

Login to view the video.