Summary of Cisco NX-OS security vulnerabilities I uncovered

I reported various vulnerabilities in NX-OS back in 2011, in various posts on my blog:

Hacking NX-OS Part 1

Hacking NX-OS Part 2

Hacking NX-OS Part 3

These were follow on’s to a series of posts I made about getting access to the OS by simply accessing the image:

Deconstructing Cisco NX-OS Part 1: Exploding Kickstart
Deconstructing Cisco NX-OS Part 2: Exploding the System Image

The exploits, which I formally reported to Cisco, were never made public, until over four years later.  These exploits were describe in the above posts years before their acknowledgement by Cisco.  Some of the exploits which I described  and were later made public by Cisco are:

GNU Bash Environment Variable Command Injection Vulnerability

Cisco Nexus Devices NX-OS Software Command-Line Interpreter Local Privilege Escalation Vulnerability

Cisco Nexus Operating System Devices Command Line Interface Local Privilege Escalation Vulnerability

Cisco NX-OS Software Arbitrary Code Execution Vulnerability

Cisco NX-OS Software Input Validation Vulnerability



This entry was posted in Nexus, NX-OS and tagged , . Bookmark the permalink.

Leave a Reply