Cisco AP Skyjacking

facebooktwittergoogle_pluslinkedinmailfacebooktwittergoogle_pluslinkedinmail

This latest vulnerability on Cisco WLAN (AP Skyjacking) points out the importance for customers to deploy overlay WIPS to have a zero day response capabilities in place. Making changes to your WLAN controller, APs, and firewalls takes time and new vulnerabilities like this will continue to surface. 

A dangerous exploit that can be carried out using this vulnerability is for a hacker to route an enterprise customer’s Cisco AP to WLC deployed out in the Internet and change the Guest SSID to map to an internal enterprise VLAN (using REAP mode supported on Cisco APs); see below for Pravin’s comments. 

AirTight is the only WIPS vendor who can detect this dangerous exploit (i.e. Guest SSID mapped to incorrect VLAN) and prevent this scenario.  Using AirTight WIPS, you can map WLAN SSID-to-VLAN security policy (i.e. wireless-to-wired security policy mapping)  thus allowing you to detect this misconfiguration and prevent a hacker from exploiting this. Using Cisco WLC+WCS+MSE or other third-party WIDS/WIPS, this scenario will go undetected for sometime thus allowing the hacker access into the customer’s enterprise network.  

Customers should pay immediate attention to this vulnerability and change their default settings on their Cisco APs (i.e. out of the box configuration) and put zero day response strategy for vulnerabilities like this in the future.

The AirTight Team

The Airtight Team

Don’t be a stranger! We’d love to hear from you! Be in touch, give praise, make suggestions, submit ideas… the @AirTight team is at your service to answer your questions.

Facebook Twitter LinkedIn Google+ YouTube 

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>