Security News > 2020 > May > Hackers Compromise Cisco Servers Via SaltStack Flaws
Cisco said attackers have been able to compromise its servers after exploiting two known, critical SaltStack vulnerabilities.
Hackers were able to successfully exploit the flaws incorporated in the latter product, resulting in the compromise of six VIRL-PE backend servers, according to Cisco.
"Cisco infrastructure maintains the salt-master servers that are used with Cisco VIRL-PE," according to Cisco's Thursday alert.
"Those servers were upgraded on May 7, 2020. Cisco identified that the Cisco maintained salt-master servers that are servicing Cisco VIRL-PE releases 1.2 and 1.3 were compromised."
Cisco said that for Cisco CML and Cisco VIRL-PE if the salt-master service is enabled "The exploitability of the product depends on how the product has been deployed." A full list of the impact and recommended action for each deployment option, for each Cisco software release, can be found on Cisco's alert.
News URL
https://threatpost.com/hackers-compromise-cisco-servers-saltstack/156091/
Related news
- Cisco bug lets hackers run commands as root on UWRB access points (source)
- North Korean hackers employ new tactics to compromise crypto-related businesses (source)
- Hackers exploit ProjectSend flaw to backdoor exposed servers (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities (source)
- APT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDP (source)