Cisco’s wireless LANs could be open to a ‘SkyJack’

Attackers have the potential to cause enterprise disruption through denial of service.

Some Cisco LAN (Local Area Network) devices have a vulnerability that could allow a hacker to hit them with a Denial of Service (DoS) attack.

According to a Cisco alert, the flaw is due to the devices not having enough security for wireless access point association sequences.

An attacker could exploit the vulnerability by injecting malicious packets into the wireless network, where newly added access points are seeking controllers.

With the exploit the attacker could make the LAN device associate with a rogue' controller, preventing the device from servicing network clients and resulting in a DoS.

Security firm AirMagnet originally found the vulnerability, calling it SkyJacking'. It said that if the Cisco access point connected to the rogue' controller, it could lead outside an enterprise and therefore be under outside control.

"This same mechanism could be done intentionally by a hacker to purposely SkyJack access points and take control of an enterprise's access point," said the company.

However, Cisco replied that there was no risk of data loss or interception at the rogue access point or wireless LAN controller, and that a DoS would be the only problem.

The Cisco Lightweight Wireless Access Point 1100 and 1200 series devices are affected. Cisco said that software updates were not yet available.

Featured Resources

How to be an MSP: Seven steps to success

Building your business from the ground up

Download now

The smart buyer’s guide to flash

Find out whether flash storage is right for your business

Download now

How MSPs build outperforming sales teams

The definitive guide to sales

Download now

The business guide to ransomware

Everything you need to know to keep your company afloat

Download now

Recommended

Over two-thirds of companies still run software with WannaCry flaw
WannaCry

Over two-thirds of companies still run software with WannaCry flaw

12 May 2021
IT researcher finds widespread flaws in Wi-Fi security
wifi & hotspots

IT researcher finds widespread flaws in Wi-Fi security

12 May 2021
GitHub now supports security keys in a move away from passwords
Security

GitHub now supports security keys in a move away from passwords

12 May 2021
Tech giants lobby US to fund chip production
Hardware

Tech giants lobby US to fund chip production

11 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
Dell XPS 17 (2021) review: A big laptop for big jobs
Laptops

Dell XPS 17 (2021) review: A big laptop for big jobs

10 May 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021