Despite Cisco patching the flaw in 2018, Static Tundra continued exploiting unpatched devices, particularly those that reached end-of-life status, the Cisco advisory added.
Sunil Varkey, advisor at Beagle Security, explained that network devices typically follow a more relaxed firmware release schedule compared to other systems, making them particularly vulnerable to persistent exploitation.
“The typical life of a network device can be around 10 years,” Varkey noted, pointing out that this vulnerability existed in devices from 2006 to 2018, meaning “the number of vulnerable systems could be very high.”
