Cisco Systems just can’t seem to make it through the Black Hat USA conference unscathed. On Wednesday, a security researcher showed how an unpatched vulnerability in the company’s PIX firewall appliances could allow outside attackers to gain access to corporate networks.On the final slide of his presentation on voice-over-IP security, Hendrik Scholz, a developer with Freenet Cityline GmbH, disclosed a technique for bypassing the firewalls, according to an audio recording of the talk obtained by IDG News Service.“You can open up whatever port you want … and access internal servers from the outside,” he said. “It’s really easy to do, and we’re talking to Cisco about how to get it fixed.”By now, Black Hat is old hat for Cisco. Last year, conference organizers were sued by the networking giant and had to literally rip a presentation by researcher Michael Lynn out of last year’s conference materials because it disclosed flaws in its Internetwork Operating System software.Details on the PIX vulnerability are scarce. Scholz’s slide disclosing the Cisco exploit, called a zero-day in hacker parlance, was not included in the version of his presentation distributed by Black Hat. And Scholz himself declined to comment further on the exploit, saying he was waiting for Cisco to address the matter. “If you are interested in details regarding ‘the last slide,’ all I can tell you right now is that Cisco is working to get it fixed,” he said via e-mail. “Information will be released sometime in the future, but most likely not during Black Hat.”Cisco spokesman John Noh confirmed that his company was investigating the matter. “After we look into it, we will respond according to our security vulnerability policy,” he said.By Robert McMillan, IDG News Service (San Francisco Bureau)More Black Hat coverage:• Black Hat: Xerox Printers Have Major Security Flaw• Black Hat: MacBook Vulnerable to Wireless Hack • Black Hat: FBI Joins Fight Against ID Theft• Hackers Descend on Las VegasKeep checking in at our Security Feed for updated news coverage. Related content feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Mergers and Acquisitions Mergers and Acquisitions brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe