Researchers unveil vulnerabilities in Cisco's WiFi gear

If you're a business that's deployed Cisco's wireless LAN gear, be aware that your private data could be at risk. Last week, two researchers at German testing lab ERNW illustrated how easy it is to attack a Cisco WiFi wireless LAN device.

During a presentation called "Hacking Cisco Enterprise WLANs," the researchers showed how a hacker could compromise two generations of Cisco's WiFi equipment: Structured Wireless Aware Network (SWAN) and Cisco Unified Wireless Network (CUWN).

By exploiting weakness in Cisco's Wireless LAN Context Control Protocol (WLCCP), which enables data to be sent between access points, a hacker could launch a denial of service attack and look into encrypted traffic on the SWAN gear. While CUWN's use of cryptography offered a higher level of security over SWAN, the use of SNMP (simple network management protocol) in its web management interfaces made the devices vulnerable to security attacks

Although the session focused on Cisco, ERNW researcher Enno Rey pointed out that many vendors' WiFi equipment have security issues. "All of these [vendors'] solutions have skeletons in the closet," he said. "This is not so much about Cisco bashing."

For more:
- ZDNet UK has this article

Suggested Articles

Colt Technology Services and the Global Leaders Forum announced Monday that they are preparing the launch of a blockchain-enabled settlement platform.

Using its Cloud Connect Dynamic Connections platform, CenturyLink is turning up cloud connections for enterprises in Microsoft Azure,

After several years of development, AT&T and Colt are laying claim to being the first in the telecom industry to implement MEF's LSO Sonata APIs.