A pair of vulnerabilities in Cisco routers could, when exploited in tandem, allow hackers to prevent software updates and defeat the “Secure Boot” process that verifies the code running on the hardware, researchers have discovered.
The discovery, made by Red Balloon Security, affects Cisco’s 1001-X router, which the company markets to managed service providers and other businesses. But Red Balloon researchers say they believe it could affect a number of other systems that rely on Cisco’s Trust Anchor module – the feature that helps ensure the code running on hardware is unmodified and authentic. Trust Anchor is also used in Cisco routers and switches.
“This is a significant security weakness which potentially exposes a large number of corporate, government and even military networks to remote attacks,” said Ang Cui, Red Balloon’s founder and chief scientist.
The first of the vulnerabilities, dubbed “Thrangrycat,” would let an attacker bypass the Cisco Trust Anchor and manipulate its firmware, while the second allows for remote code execution on a version of Cisco’s IOS operating system.
Cisco is “not aware of any malicious use of the vulnerability that is described in this advisory,” a company spokesperson said.
A patch won’t completely remediate the problem, according to Cui.
“Fixing this problem isn’t easy, because to truly remediate it requires a physical replacement of the chip at the heart of the Trust Anchor system,” Cui said. “A firmware patch will help to offset the risks, but it won’t completely eliminate them.”