“This requires a certified user, so at least it is not an uncontrolled RCE (remote code execution),” Shiple said. The high CVSS score of vulnerability is 7.7, “But (this) is not the worst we have seen late.”
Ed dubrovskiThe Chief Operating Officer of the US-based event reaction firm Cypfer, also said that a successful attacker would need to be certified.
Although many companies still use default credentials at the SNMP protocol level, they said, the need for an additional device authentication to execute the refusal of Seva or RCE means additional complication for an attacker.
He said that it is being exploited by an internal formula, which has the necessary credibility, it is almost equal to an outsider. In fact, he said, if an external attacker has the required authentication, an organization will actually be in trouble.
Based on CVE for multi -level authentication for both SNMP and a device, CVE is needed that the danger is not a script kidi, but more inspires someone else, possibly with a more technical skill set, which can then also use that device to take high price systems, he said.
“At the end of the day, a Cisco device on the edge is likely to have no company data on it, and the danger actors who are primarily inspired by financial advantage require exfiltrate and lock data and system access. APT (advanced constant threats) and nation state actors are a distinct threat, but it is possible that it is possible to carry forward such environment.
