Researchers at Red Balloon reported two vulnerabilities found in the Cisco 1001-X series routers. Vulnerabilities in active Cisco network equipment are not news, but the truth of life. Cisco is one of the leading manufacturers of routers and other network devices, so there is an increased interest in the reliability of its products from both data protection specialists and from the standpoint of the interests of intruders.
Looking ahead, we note that Red Balloon specialists notified Cisco about new vulnerabilities several months ago, so the problem is somehow solved, or at least Cisco knows how to solve it. One of the two vulnerabilities is closed relatively simply - by updating the firmware, and the company posted this firmware yesterday in the public domain, the online publication reports. . We are talking about a bug found in the Cisco IOS operating system, which gives an attacker root access to the routers of the specified series.
The second vulnerability is something special and extremely dangerous, the researchers say. It touches the security foundation of hundreds of millions of company network devices, from routers to switches to firewalls. Red Balloon specialists were able to bypass such hardware protection of Cisco equipment as Trust Anchor. "Anchor of trust", as this term can be translated, is the development of proprietary modules for checking the integrity of the company's equipment (formerly ACT). The ACT module was introduced to protect against counterfeiting and later transformed into a module for controlling the integrity of the software component of Cisco network devices. Today, Trust Anchor is found in all active network equipment of the company. It is not difficult to imagine what the compromise of Trust Anchor will result in. Networks on Cisco equipment can no longer be trusted after this.
Researchers have found a way to fool Trust Anchor. The hacked equipment continued to inform customers about non-intervention, and thus the specialists did whatever they wanted with it. By the way, this makes us think about the fate of similar developments by ARM (TrustZone), Intel (SGX) and other similar hardware methods for protecting computing platforms. It would seem that this is the solution for closing holes in processor architectures. A trusted chip or module in a chipset could increase the security of computers against hacking. In practice, a hole or an opportunity to bypass protection was found even in a solution where entry is extremely limited and is usually possible only in the conditions of firm production.
The latter circumstance will be important for closing holes associated with the compromise of Trust Anchor modules. Although Cisco has promised to release patches to fix the identified Trust Anchor vulnerability for all of its equipment, it may not be possible to solve this problem by downloading the update. According to Cisco, this will require "local reprogramming," which means it will not be possible to update the hardware remotely. Well, the personnel serving networks on the Cisco equipment are waiting for hot days. And the approaching summer has nothing to do with it.
Source: 3dnews.ru