Cisco Scrambles To Patch Second Shadow Brokers Bug In Firewalls

Trailrunner7 writes: Cisco is scrambling to patch another vulnerability in many of its products that was exposed as part of the Shadow Brokers dump last month. The latest vulnerability affects many different products, including all of the Cisco PIX firewalls. The latest weakness lies in the code that Cisco's IOS operating system uses to process IKEv1 packets. IKE is used in the IPSec protocol to help set up security associations, and Cisco uses it in a number of its products. The company said in an advisory that many versions of its IOS operating system are affected, including IOS XE and XR. Cisco does not have patches available for this vulnerability yet, and said there are no workarounds available to protect against attacks either. Many of the products affected by this flaw are older releases and are no longer supported, specifically the PIX firewalls, which haven't been supported since 2009.

Re:Bad wording

[jellomizer]

If you are a company the size of Cisco with so many customers a month is a good scramble. As there are many levels of checks that are needed to be done, before you release it. Because while the flaw is really bad, causing all the customers to have their firewall brick from a bad patch is worse.

Most of us work on small scale programs, where a downtime or a major problem, isn't nearly a big deal. However with Cisco a problem in deploayment can bring down the entire economy.