Cisco has warned users of a bug in version 7.5(1) of its software that leaves its popular Catalyst 4000, 6000 and 6500 switches vulnerable to hackers.

The weakness allows hackers to bypass password protection and alter the configuration of the switches.

Strictly limiting telnet and/or secure shell access to the device will prevent the initial connection required to exploit this vulnerability, Cisco said.

Upgrades are available free of charge, either direct from Cisco via its website or the vendor's channel, depending on the user's support contract.

Cisco customers without support contracts should email Cisco's technical advice centre at tac@cisco.com.

The vendor said a customer had reported the weakness, and that it knew of no malicious activity relating to it.