Researchers unveil vulnerabilities in Cisco's WiFi gear

If you're a business that's deployed Cisco's wireless LAN gear, be aware that your private data could be at risk. Last week, two researchers at German testing lab ERNW illustrated how easy it is to attack a Cisco WiFi wireless LAN device.

During a presentation called "Hacking Cisco Enterprise WLANs," the researchers showed how a hacker could compromise two generations of Cisco's WiFi equipment: Structured Wireless Aware Network (SWAN) and Cisco Unified Wireless Network (CUWN).

By exploiting weakness in Cisco's Wireless LAN Context Control Protocol (WLCCP), which enables data to be sent between access points, a hacker could launch a denial of service attack and look into encrypted traffic on the SWAN gear. While CUWN's use of cryptography offered a higher level of security over SWAN, the use of SNMP (simple network management protocol) in its web management interfaces made the devices vulnerable to security attacks

Although the session focused on Cisco, ERNW researcher Enno Rey pointed out that many vendors' WiFi equipment have security issues. "All of these [vendors'] solutions have skeletons in the closet," he said. "This is not so much about Cisco bashing."

For more:
- ZDNet UK has this article

Suggested Articles

CenturyLink has bold ambitions for its edge compute platform, but it's still in the early innings, according to CTO Andrew Dugan.

Broadband upstream consumption increased by 5.3% from the end of Q1 to the end of Q2, according to a report by OpenVault.

Comcast's field technicians, along with network engineers and call center agents, are the unsung heroes of the cable operator's Covid-19 response.