Security Alert: BleedingBit Affects Cisco, Meraki, Aruba Access Points

A newly discovered vulnerability called BleedingBit makes it possible for hackers to infiltrate enterprise networks undetected. The exploit, which was discovered by the security firm Armis, affects BLE (Bluetooth Low Energy) chips made by Texas Instruments (TI). These TI chips are found in equipment made by Cisco, Meraki, and Aruba, companies that make up the majority of business Wi-Fi equipment.

The report states, “Once an attacker takes control over an access point, he can move laterally between network segments, and create a bridge between them, effectively breaking network segmentation.” This poses a serious threat, as segmentation is used for isolating firm resources from networks that are accessed by unmanaged devices.

Months prior to publicly announcing the vulnerability, Armis alerted TI and the  Wi-Fi vendors in question. They have already released patches, so be sure to update your software as soon as possible. Now that the exploit is public knowledge, cyberattackers may start to look for unpatched systems.

Questions about patching or security? Drop us a note and we’d be happy to connect you with the right Kraft Kennedy expert.