Researchers unveil vulnerabilities in Cisco's WiFi gear

If you're a business that's deployed Cisco's wireless LAN gear, be aware that your private data could be at risk. Last week, two researchers at German testing lab ERNW illustrated how easy it is to attack a Cisco WiFi wireless LAN device.

During a presentation called "Hacking Cisco Enterprise WLANs," the researchers showed how a hacker could compromise two generations of Cisco's WiFi equipment: Structured Wireless Aware Network (SWAN) and Cisco Unified Wireless Network (CUWN).

By exploiting weakness in Cisco's Wireless LAN Context Control Protocol (WLCCP), which enables data to be sent between access points, a hacker could launch a denial of service attack and look into encrypted traffic on the SWAN gear. While CUWN's use of cryptography offered a higher level of security over SWAN, the use of SNMP (simple network management protocol) in its web management interfaces made the devices vulnerable to security attacks

Although the session focused on Cisco, ERNW researcher Enno Rey pointed out that many vendors' WiFi equipment have security issues. "All of these [vendors'] solutions have skeletons in the closet," he said. "This is not so much about Cisco bashing."

For more:
- ZDNet UK has this article

Suggested Articles

To the surprise of perhaps no one, AWS has a bone to pick about the Pentagon choosing Microsoft for its $10 billion JEDI cloud contract.

Mediacom Communications it now has more than 50,000 combined residential and business customers subscribing to its 1 Gigabit service offerings.

As 2019 draws to a close, FierceTelecom is announcing this year's list of top technology disrupters.