Lenovo researchers have found a backdoor in RackSwitch and BladeCenter switches

  • 208
  • 2
  •  
  •  
  • 1
  •  
  •  
  •  
    211
    Shares

Lenovo researchers have found a backdoor in the firmware of RackSwitch and BladeCenter networking switches. They found the backdoor after an internal security examination of the firmware. The Chinese company has provided relevant source code to a third-party security partner to enable independent investigation of the mechanism.

The backdoor was appended to ENOS (Enterprise Network Operating System) in 2004 when ENOS was maintained by Nortel’s Blade Server Switch Business Unit (BSSBU).

“ENOS, or Enterprise Network Operating System, is the firmware that powers some Lenovo and IBM RackSwitch and BladeCenter switches. An authentication bypass mechanism known as “HP Backdoor” was discovered during a Lenovo security audit in the Telnet and Serial Console management interfaces, as well as the SSH and Web management interfaces under certain limited and unlikely conditions. “

This issue (tracked under the CVE-2017-3765 identifier) could allow hackers to obtain access to the switch management interface, allowing settings modifications that could result in revealing traffic passing through the switch, subtle malfunctions in the attached infrastructure, and partial or full denial of service (DoS).

The company is not aware of this mechanism being exploited, but they assume that its existence is known, and users are recommended to upgrade the firmware to fix this issue.

The following two tabs change content below.

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

Latest posts by William Fieldhouse (see all)


  • 208
  • 2
  •  
  •  
  • 1
  •  
  •  
  •  
    211
    Shares

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

Leave a Reply