Skip to main content

Some Cisco Devices May Be Vulnerable To Hacker Attacks

By June 7, 2019May 17th, 2022Cybersecurity

Intel has been in the news several times over the last 18 months due to serious security flaws that have been found in their chipsets, beginning with the dreaded Spectre and Meltdown flaws.  Now with MDS attacks, they’re not the only ones. Recently, researchers have discovered serious flaws in Cisco products that would allow a determined hacker the ability to attack a wide range of devices.

These would be devices used by businesses and government agencies, including routers, switches and firewalls. The new vulnerability is being tracked as CVE-2019-1649, and has been dubbed ‘Thrangrycat’ by researchers from Red Balloon Security, who first discovered it.

The research team had this to say about the vulnerability:

“An attacker with root privileges on the device can modify the contents of the FPGA anchor bitstream, which is stored unprotected in flash memory.  Elements of this bitstream can be modified to disable critical functionality in the Trust Anchor module (Tam).

Successful modification of the bitstream is persistent, and the Trust Anchor will be disabled in subsequent boot sequences.  It is also possible to lock out any software updates to the Tam’s bitstream.”

Ominously, the research team added the following note:

“By chaining the Thrangrycat and remote command injection vulnerabilities, and attacker can remotely and persistently bypass Cisco’s secure boot mechanism and lock out all future software updates to the Tam.  Since the flaws reside within the hardware design, it is unlikely that any software security patch will fully resolve the fundamental security vulnerability.”

Even so, we can expect Cisco to do something along those lines to at least blunt the risk, and they’re no doubt already looking at the hardware architecture to find a solution going forward.  To this point, the company notes that they’ve not detected any attacks exploiting these vulnerabilities, but now that the research has been made public, that may change.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.