Thrangrycat Attacks Cisco Switches, Routers, Firewalls
May 14, 2019 / Jessica Lyons Hardcastle
Two security flaws, one dubbed “Thrangrycat,” in “tens of millions” of Cisco enterprise routers, switches, and firewalls could allow hackers to remotely attack corporate networks, steal data, and attack other devices connected to the networks, according to Red Balloon Security. The embedded device security company disclosed the two flaws on Monday. The first, “Thrangrycat” (like the emoji), allows an attacker to bypass Cisco’s Trust Anchor module (TAm) via field programmable gate array (FPGA) bitstream manipulation. The TAm is a proprietary hardware security module used in a wide range of Cisco products and the root of trust that underpins all of the security mechanisms in these devices. The second vulnerability is in the web-based user interface of Cisco IOS XE software and could allow an authenticated, remote attacker to execute commands on the underlying Linux shell of an affected device with root privileges.