Which Cisco routers, modems and networking gear are affected by and safe from the Heartbleed bug?

cisco to cut 6000 jobs as it battles slow sales in emerging markets

Though the now-infamous Heartbleed bug is currently being patched by many companies on the website level, the OpenSSL data encryption flaw also affects an unknown amount of networking hardware from companies including Cisco Systems.

Cisco published a bulletin on its site, warning that some of its networking hardware and software, which includes routers, Ethernet switches, access points, and more, is affected by the Heartbleed bug, a flaw in the OpenSSL data encryption software used by many of the world’s websites. Though most of this hardware wouldn’t be found in the average person’s home, the hardware that Cisco identifies as vulnerable is likely used by private companies, governments, and other organizations.

We reached out to Cisco for comment, and asked whether a patched website would still be vulnerable to Heartbleed if the organization running the site is still using Cisco hardware and/or services to keep it up and running. Nigel Glennie, Senior Manager of Global Corporate Communcations for Cisco, responded to our request for comment, stating that the list of affected hardware and services “are not going to be the type of products that allow the exploitation of user data on a website.”

However, that seems to run contrary to Cisco’s own bulletin, which states that “Multiple Cisco products incorporate a version of the OpenSSL package affected by a vulnerability that could allow an unauthenticated, remote attacker to retrieve memory in chunks of 64 kilobytes from a connected client or server.” On top of that, the bulletin also states that “disclosed portions of memory could contain sensitive information that may include private keys and passwords.”

Digital Trends is currently awaiting clarification on the apparent discrepancy between Glennie’s statement and Cisco’s published security advisory.

Here’s the list of Cisco networking hardware and services that’s affected by the Heartbleed bug, according to the firm’s official bulletin, as of this writing. Cisco will continue to update these lists, so check back with this Security Advisory page often.

  • Cisco AnyConnect Secure Mobility Client for iOS [CSCuo17488]
  • Cisco Desktop Collaboration Experience DX650
  • Cisco Unified 7800 series IP Phones
  • Cisco Unified 8961 IP Phone
  • Cisco Unified 9951 IP Phone
  • Cisco Unified 9971 IP Phone
  • Cisco IOS XE [CSCuo19730]
  • Cisco Unified Communications Manager (UCM) 10.0
  • Cisco Universal Small Cell 5000 Series running V3.4.2.x software
  • Cisco Universal Small Cell 7000 Series running V3.4.2.x software
  • Small Cell factory recovery root filesystem V2.99.4 or later
  • Cisco MS200X Ethernet Access Switch
  • Cisco Mobility Service Engine (MSE)
  • Cisco TelePresence Video Communication Server (VCS) [CSCuo16472]
  • Cisco TelePresence Conductor
  • Cisco TelePresence Supervisor MSE 8050
  • Cisco TelePresence Server 8710, 7010
  • Cisco TelePresence Server on Multiparty Media 310, 320
  • Cisco TelePresence Server on Virtual Machine
  • Cisco TelePresence ISDN Gateway 8321 and 3201 Series
  • Cisco TelePresence Serial Gateway Series
  • Cisco TelePresence IP Gateway Series
  • Cisco WebEx Meetings Server versions 2.x [CSCuo17528]
  • Cisco Security Manager [CSCuo19265]

Cisco is also currently investigating whether any of its other networking products are vulnerable to Heartbleed. Here’s a list of the hardware and services that the firm is looking into as of this writing.

  • Cisco IOS XR
  • Cisco Nexus 1000V Series Switches
  • Cisco Nexus 4000 Series Switches
  • Cisco Nexus 5000 Series Switches
  • Cisco Nexus 6000 Series Switches
  • Cisco Nexus 9000 Series Switches
  • Cisco IPS
  • Cisco Webex Messenger
  • Cisco Jabber client
  • Cisco OnePK All-in-One VM
  • Cisco DCM Series 9900-Digital Content Manager
  • Cisco D9034-S Encoder
  • Cisco D9054 HDTV Encoder
  • Cisco Show and Share
  • WebEx Social
  • Cisco Adaptive Security Device Manager (ASDM)
  • Catalyst 6500 Series and Cisco 7600 Series Firewall Services Module (FWSM)
  • Cisco Digital Media Manager
  • Cisco Digital Media Players
  • Cisco Edge 300 Digital Media Player
  • Cisco Edge 340 Digital Media Player
  • Cisco Emergency Responder
  • Cisco Internet Streamer CDS
  • Cisco Enterprise Content Delivery System (ECDS)
  • Cisco IP Communicator
  • Cisco TelePresence Recording Server
  • Cisco Network Analysis Module Software (NAM)
  • Cisco Wireless Location Appliance
  • CiscoWorks Wireless LAN Solution Engine (WLSE)
  • Cisco Physical Access Gateways
  • Cisco Physical Access Manager
  • Cisco Video Surveillance Media Server Software
  • Cisco Video Surveillance Operations Manager Software
  • Cisco NetFlow Generation Appliance 3240
  • Cisco Prime Data Center Network Manager
  • Cisco Prime Analytics for SPs
  • Cisco Prime Central for SPs
  • Cisco Prime Provisioning for SPs
  • Cisco Prime Performance Manager for SPs
  • Cisco Prime Optical for SPs
  • Cisco Prime Network Services Controller (formerly the Cisco Virtual Network Management Center)
  • Cisco Prime Network Registrar
  • Cisco Unified Contact Center Products
  • Cisco Unified Department Attendant Console
  • Cisco Unified E-Mail Interaction Manager
  • Cisco Unified Enterprise Attendant Console
  • Cisco Unified Mobility
  • Cisco Unified Operations Manager
  • Cisco Unified Personal Communicator
  • Cisco Unified Presence
  • Cisco Unified Provisioning Manager
  • Cisco Unified Quick Connect
  • Cisco Unified Service Monitor
  • Cisco Unified Service Statistics Manager
  • Cisco UCS Invicta Series Solid State Systems
  • Cisco NAC Server
  • Cisco NAC Manager
  • Cisco NAC Agent
  • Cisco NAC Guest Server
  • Cisco ONS 15454 Series Multiservice Provisioning Platforms
  • Cisco Quantum Policy Server (QPS)
  • Cisco TelePresence System 500
  • Cisco TelePresence System 1100
  • Cisco TelePresence System 1300 Series
  • Cisco TelePresence System 3000 Series
  • Cisco TelePresence System T Series
  • Cisco IP Video Phone E20
  • Cisco TelePresence MX Series
  • Cisco TelePresence EX Series
  • Cisco Telepresence Integrator C Series
  • Cisco TelePresence Profile Series
  • Cisco TelePresence SX Series
  • Cisco TelePresence Movi with Precision HD USB / Jabber Video
  • Cisco TelePresence MXP Series
  • Cisco TelePresence MCU all series
  • Cisco TelePresence Advanced Media Gateway Series
  • Cisco TelePresence IP VCR Series
  • Cisco TelePresence ISDN GW 3241
  • Tandberg Codian ISDN GW 3210/3220/3240
  • Tandberg Codian MSE 8310 model
  • Tandberg 770/880/990 MXP Series

Finally, here’s a list of Cisco hardware that has been analyzed by the company, and deemed to be not vulnerable to Heartbleed, as of this writing.

  •     Cisco IOS
  •     Cisco MDS Switches
  •     Cisco Nexus 3000 Series Switches
  •     Cisco Nexus 7000 Series Switches
  •     Cisco Adaptive Security Appliance (ASA) Software
  •     Cisco ACE Application Control Engine Module
  •     Cisco ACE Application Control Engine Appliance
  •     Cisco AnyConnect Secure Mobility Client for desktop platforms
  •     Cisco AnyConnect Secure Mobility Client for Android
  •     Cisco CSS 11500 Series Content Services Switches
  •     Cisco Unified 7900 series IP Phones
  •     Cisco Unified 6900 series IP Phones
  •     Cisco Unified 3900 series IP Phones
  •     Cisco Unified 8941 IP Phone
  •     Cisco Unified 8945 IP Phone
  •     Cisco Unified IP Conference Phone 8831
  •     Cisco Unified Communications Manager (UCM) 9.1(2) and earlier
  •     Cisco Unified Communications Domain Manager
  •     Cisco Unified Business Attendant Console
  •     Cisco Unified Department Attendant Console
  •     Cisco Unified Enterprise Attendant Console
  •     Cisco Identity Service Engine (ISE)
  •     Cisco Secure Access Control Server (ACS)
  •     Cisco Wireless Lan Controller (WLC)
  •     Cisco Wireless Control System (WCS)
  •     Cisco Web Security Appliance (WSA)
  •     Cisco Content Security Management Appliance (SMA)
  •     Cisco Email Security Appliance (ESA)
  •     Cisco IronPort Encryption Appliance (IEA)
  •     Cisco UCS Central
  •     Cisco UCS Fabric Interconnects
  •     Cisco UCS B-Series (Blade) Servers
  •     Cisco UCS C-Series (Stand alone Rack) Servers
  •     Cisco RV315W Wireless-N VPN Router
  •     Cisco RV215W Wireless-N VPN Router
  •     Cisco RV220W Wireless-N VPN Router
  •     Cisco RV180W Wireless-N VPN Router
  •     Cisco RV120W Wireless-N VPN Router
  •     Cisco RV110W Wireless-N VPN Router
  •     Cisco CVR100W Wireless-N VPN Router
  •     Cisco RV325 VPN Router
  •     Cisco RV320 VPN Router
  •     Cisco RV180 VPN Router
  •     Cisco RV082 VPN Router
  •     Cisco RV042 VPN Router
  •     Cisco RV016 VPN Router
  •     Cisco 200 Series Smart Switches
  •     Cisco 300 Series Managed Switches
  •     Cisco 500 Series Stackable Managed Switches
  •     Cisco ESW2 Series Advanced Switches
  •     Cisco WAP121 Wireless-N Access Point
  •     Cisco WAP321 Wireless Access Point
  •     Cisco WAP551/561 Wireless-N Access Point
  •     Cisco WAP4410N Wireless-N Access Point
  •     Cisco Meraki Cloud Managed Indoor Access Points
  •     Cisco Meraki Cloud-Managed Outdoor Access Points
  •     Cisco Meraki MX Security Appliances
  •     Cisco Meraki MS Access Switches
  •     Cisco WebEx Meetings Server versions 1.x
  •     Cisco Application and Content Networking System (ACNS) Software
  •     Cisco Wide Area Application Services (WAAS) Software
  •     Cisco ACE Global Site Selector Appliances (GSS)
  •     Cisco Prime Network Analysis Module (NAM)
  •     Cisco Prime Infrastructure
  •     Cisco Content Switching Module with SSL (CSM-S)
  •     Cisco SSL Services Module (SSLM)
  •     Cisco Intelligent Automation for Cloud
  •     Cisco Meraki Dashboard
  •     Cisco WebEx Meeting Center
  •     Cisco WebEx Support Center
  •     Cisco WebEx Training Center
  •     Cisco WebEx Event Center
  •     Cisco Universal Small Cell CloudBase
  •     Cisco Cloud Web Security

Image credit: http://images.china.cn


Here’s how to watch AMD reveal its new Ryzen chips at Computex

AMD will hold a pre-Computex keynote May 27 to announce its new line of 3rd-generation Ryzen processors and accompanying Radeon Navi graphics cards. Here's how to watch the keynote live wherever you are in the world.

Keep your kids safe online with these great parental control tools

The internet can be a dangerous place, especially for your loved ones. Check out our selection of the best free parental control software for Windows and MacOS, so you can monitor your child and block unsavory sites.

These external drives have speed, durability, and storage space to spare

Whether you want an external storage drive that is fast, portable, or comes with a ton of storage, these are the best external hard drives available today. They all come with great features and competitive pricing.

The 2019 ThinkPad lineup is robust. Here's how to pick the right one for you

Be it the X series, the T series, E series, it can be tough to find the best Lenovo laptop that is right for you. To help, we'll break down all the options available to make your choice a more informed one.

Should you buy a MacBook Pro or a Razer Blade Stealth? We'll help you decide

Laptop head to heads are a great way to see which one might be the right one for you. Our latest sees the Razer Blade Stealth (2019) vs. MacBook Pro in a fight to see which one deserves to be your next laptop.

AMD's latest Navi graphics cards are incoming. Here's what to expect

AMD's Navi graphics cards could be available as soon as July 2019 — as long as it's not delayed by stock problems. Billed as a successor to Polaris, Navi promises to deliver better performance to consoles like Sony's PlayStation 5.

Microsoft might finally embrace USB-C on next-gen Surface Pro 7

USB-C could finally come to Microsoft's Surface Pro tablet. According to a Microsoft patent filing, the port was shown in an illustration, suggesting that the company is working to support this feature in the future.

Ryzen 3000 chips will pack a punch, and could launch as early as July

AMD's upcoming Ryzen 3000 generation of CPUs could be the most powerful processors we've ever seen, with higher core counts, greater clock speeds, and competitive pricing. Here's what we know so far.

Want to watch Netflix in bed or browse the web? We have a tablet for everyone

There’s so much choice when shopping for a new tablet that it can be hard to pick the right one. From iPads to Android, these are our picks for the best tablets you can buy right now whatever your budget.

The best Amazon Prime Day 2019 deals: Everything you need to know

Amazon Prime Day 2019 is still a few months off, but it's never too early to start preparing. We've been taking a look at the best discounts from previous Prime Days to give you our predictions of what to expect this year.

Walmart Memorial Day sale: 4K TVs, laptops, and Apple iPads get price cuts

The Walmart Memorial Day sale has begun. With some pretty nice savings on Apple iPads, Samsung and Vizio 4K TVs, laptops, and Google Home devices, now is a great time to snag some electronics for cheap.

Here’s how to watch the Nvidia Computex 2019 press conference

Here’s everything you need to know about Nvidia’s upcoming press conference at Computex 2019 in Taipei, Taiwan; including what to expect during the press conference and how and when to watch it.

Best Memorial Day sales 2019: Amazon, Best Buy, and Walmart deals

If you're looking to save big on some shiny new stuff for Memorial Day 2019, we've gathered everything you need to know into one place. Find out where to save the most money before the summer hits its stride.
Emerging Tech

Awesome Tech You Can’t Buy Yet: Tricked-out e-scooters and bike lights that lock

Check out our roundup of the best new crowdfunding projects and product announcements that hit the web this week. You may not be able to buy this stuff yet, but it's fun to gawk!