Intrusion Prevention



This indicates that a system might be infected by Cisco SYNful Knock Malware.
SYNful Knock is a malware that is implanted into Cisco firmware images. Users that executes the images will be infected leading to a persistence presence within a victim's network.

Affected Products

Cisco Routers


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

If required, the signature's action can be set to "Block".
Refer to the vendor's advisory for updates: