CyberNews Briefs

Hackers Compromise Cisco Servers Via SaltStack Flaws

Cisco disclosed on Thursday that six of its VIRL-PE servers were compromised after threat actors used critical SaltStack vulnerabilities in a targeted attack. Cisco stated that the attackers used to known vulnerabilities that exist in the open-source Salt management framework and are used in Cisco products. Two Cisco products still use a vulnerable version of SaltStack, Modeling Labs Corporate Edition, and Cisco Virtual Internet Routing Lab Personal Edition.

In the second product, hackers exploited the flaws and subsequently compromised six Cisco servers. Cisco announced that the servers were remediated on May 7 in an alert published this Thursday. The company has since released software updates for the two products involved in the attack, ranking the vulnerabilities a 10 out of 10 on the CVSS scale and advising consumers to update products immediately.

Read More: Hackers Compromise Cisco Servers Via SaltStack Flaws

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.