Cisco routers, including ones that can be found in malls, large companies or government institutions, are flawed in a way that allows hackers to steal all of the data flowing through them.
The news was unveiled yesterday by Red Baron, a cybersecurity company whose researchers claim the Cisco 1001-X comes with two major flaws.
One is a software flaw inside the router’s operating system, the Cisco IOS, which would allow hackers root access. As dangerous as that may sound, apparently it’s easy to fix with a software patch.
The second flaw, however, is much more dangerous as it allows potential malicious actors to bypass the router’s security feature, Trust Anchor. This feature has been standard in Cisco’s routers since 2013, according to Wired (opens in new tab).
Bypassing Trust Anchor “means we can make arbitrary changes to a Cisco router, and the Trust Anchor will still report that the device is trustworthy. Which is scary and bad, because this is in every important Cisco product. Everything,” Ang Cui, the founder and CEO of Red Balloon, explained.
While Cisco acknowledged, and issued a fix for the first flaw, it disputes the second one. “The Trust Anchor module is not directly involved in the work demonstrated by Red Balloon,” a spokesperson told Wired.
Sam Curry, chief security officer at Cybereason, said "Make no mistake, the vulnerabilities have the potential to disrupt global internet traffic and the recent disclosures of Cisco 1001-X router bugs have short and long term ramifications. The second vulnerability is analogous to a bank leaving their vault doors open with all the security guards on lunch break creating a free-for-all. That's not trivial. Anything that potentially can affect the large routers that move mega-traffic amongst the online retailers, banks, global stock exchanges, social media companies, the largest enterprises and the governments in the world is the ideal target for attackers.”
Image Credit: Deepadesigns / Shutterstock