News & Blog

Cisco Secure Boot Hardware Tampering Vulnerability

News & Blog

Summary

There is a newly discovered vulnerability in multiple Cisco networking devices.  Known as the Cisco Boot Hardware Vulnerability, this problem has been found in the logic that handles access control to one of the hardware components in Cisco’s Secure Boot implementation.  It all the conditions are met, an authenticated local attacker can write a modified firmware image to the component.

Impact for ALI Clients

For those clients on ALI Managed IT Services, our engineering team will be proactively patching and addressing the Cisco Boot Hardware Vulnerability on impacted equipment under management.  This will happen as patches are released from Cisco.

For our other clients, we are providing notification and resource links.  If you would like assistance assessing or remediating your vulnerability, our team  can be scheduled to take care of these issues.

Request Support

More Details

In our opinion, there is some good news.  In order for an attacker to succeed, they have to fulfill 3 conditions that start with privilege administrative access to the device.  

That’s something most IT personnel can control with good password practices.  That is not to say it is impossible for that password to be stolen and exploited, but good password hygiene goes a long way.  In addition to the password, the hacker must also:

  • Access the underlying operating system running on the device.  This can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide access.
  • Develop or have access to a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a specific hardware type is unlikely to work on different hardware.

Products Impacted

The list of products affected by this vulnerability is fall into the categories of:

  • Network Content & Security Devices (e.g. Cisco ASA & Firepower series)
  • Routing & Switching
  • Voice & Unified Communication Devices

See complete list of applicable Cisco products and latest updates on this vulnerability.

 

Connect, share & learn more:
onpost_follow

Leave a Reply

Your email address will not be published. Required fields are marked *

More Resources

Upcoming event details

Register Here

Check out this great download

Download

close

Enjoy this blog? Share with a colleague!

Be Prepared With our FREE Guide