Thrangrycat Claws Cisco Customer Security

  /     /     /  
Publicated : 23/11/2024   Category : security

Thrangrycat Claws Cisco Customer Security


A linked pair of vulnerabilities could allow an attacker to take over many different types of Cisco networking components.


A recently discovered flaw in Cisco IOS XE software with the HTTP Server feature enabled could allow a user with stolen credentials to execute code on a Cisco networking device with root privileges — a significant privilege escalation attack. Dubbed Thrangrycat by the researchers at Red Balloon Security who discovered the linked pair of vulnerabilities, these flaws, designated CVE-2019-1862, would allow an attacker to first bypass the Cisco Trust Anchor module (TAm), then conduct a remote code injection with root execution.
In the first exploit, an attacker would manipulate the bitstream responsible for defining the Field-Programmable Gate Array (FPGA) that holds the code for TAm — code that executes from the FPGA hardware at boot and is designed to insulate the device from boot-time exploits. In addition to bypassing secure boot, the attack code locks all future software updates out of the TAm.
Once the TAm is compromised, the attacker can log into the device and execute code at root privilege. Cisco has released a firmware update that patches the vulnerability, and acknowledges that there are no operational work-arounds to Thrangrycat.
The company plans to present details of the vulnerability and exploit at
Black Hat USA 2019
in Las Vegas.
For more, read
here
and
here

 
 
 
Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industrys most knowledgeable IT security experts. Check out the
Interop agenda
here.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
Thrangrycat Claws Cisco Customer Security