Millions of Cisco devices used by corporate, government and military networks contain a logic vulnerability in their Secure Boot process that could allow local, authenticated actors to bypass and disable critical functionality in the Trust Anchor hardware module (TAm) – the bedrock upon which all other trusted computing mechanisms within the devices are built.

The hardware tampering flaw is officially designated as CVE-2019-1649, but researchers from Red Balloon who made the discovery refer to it as Thrangrycat, or as a series of emojis expressed as "😾😾😾." Adversaries who exploit the issue could also potentially lock out software updates to the TAm's bitstream.

Malicious actors could even execute a remote attack if they combine Thrangrycat with any number of command injection or privilege escalation exploits. For instance, they might take advantage of CVE-2019-1862, a newly reported command injection vulnerability that Red Balloon researchers also discovered in Cisco's IOS XE operating system.
