Rapid7 Vulnerability & Exploit Database

SYNful Knock Cisco Router Backdoor

Back to Search

SYNful Knock Cisco Router Backdoor

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
09/15/2015
Created
07/25/2018
Added
09/21/2015
Modified
03/21/2018

Description

SYNful Knock is a stealthy modification of the firmware image in Cisco IOS devices, usually loaded through the exploitation of another vulnerability. Once the malware has been implanted, an attacker could use specially crafted TCP packets to control the device without internal knowledge.

Solution(s)

  • synful-knock

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;