Cisco downplays WLAN vulnerability

AirMagnet, the security company that discovered the issue, said the hole could still create problems

Cisco Systems downplayed a vulnerability in some of its wireless access points, reporting Tuesday that there is no risk of data loss or interception.

But AirMagnet, the wireless network security vendor that discovered the issue, said the hole could still lead to problems.

The vulnerability is based in a feature that makes it easy for Cisco access points to associate with a controller in the network. Existing APs broadcast information about the nearby network controller they communicate with.

When an enterprise hangs a new AP, that AP listens to information broadcast by other APs and knows which controller to connect to.

AirMagnet worries that a person could "skyjack" a new AP by getting the AP to connect to a controller outside of the enterprise.

Enterprises can avoid that scenario by configuring their access points with a preferred controller list, Cisco said. That bypasses the over-the-air provisioning process that could result in an AP connecting to an outside controller.

Also, Cisco said that even if an AP did connect to an unauthorized controller, workers would then be unable to connect to that AP. That would prevent a hacker from intercepting their communication.

However, once an AP is connected to an unauthorized controller, a hacker might then be able to access the company's entire network, said Wade Williamson, director of product management at AirMagnet.

"Someone being able to drill into your wired network is much more concerning than users not being able to check e-mail," he said.

Cisco did not immediately respond to a question about the potential of that scenario.

Cisco rates the vulnerability as unlikely to be used. It notes that in order to exploit the hole, an attacker would have to be able to deploy a Cisco controller within radio range of a newly installed AP.

The vulnerability affects Cisco Lightweight Access Point 1100 and 1200 series.

Join the CSO newsletter!

Error: Please check your email address.

Tags exploits and vulnerabilitiesWLANciscowireless

More about AirMagnetCiscoCiscoetwork

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Nancy Gohring

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts