Cisco Systems has patched a vulnerability similar to one exploited by a cyberespionage group believed to be linked to the U.S. National Security Agency.
The vulnerability affects networking devices running Cisco’s IOS, IOS XE, and IOS XR operating systems that process IKEv1 (Internet Key Exchange version 1) packets. When exploited, it allows remote unauthenticated attackers to extract contents from a device’s memory, potentially leading to the exposure of sensitive and confidential information.