Forum Discussion
Thrangrycat: Vulnerabilities in Cisco Secure Boot and Cisco...
Thrangrycat: Vulnerabilities in Cisco Secure Boot and Cisco IOS XE
Yesterday, Cisco published security advisories to address vulnerabilities in Cisco Secure Boot (CVE-2019-1649) and Cisco IOS XE (CVE-2019-1862).
CVE-2019-1649, discovered by researchers at Red Balloon Security, Inc., have named this vulnerability or Thrangrycat, which is an authenticated hardware tampering vulnerability in Cisco’s Secure Boot process.
CVE-2019-1862 is an authenticated command injection vulnerability in Cisco IOS XE’s web-based user interface.
Chaining the two vulnerabilities together, Red Balloon Security says, could allow a remote attacker to bypass Cisco’s Secure Boot process and render the vulnerable device unusable or implant a malicious firmware image on it.
To learn more about Thrangrycat, please visit our blog.
2 Replies
Thanks,am following up on this particular Vulnerability.Do you know whether Cisco released patches for this vulnerability or not?
Hi @Kiran Nair thanks for reaching out to us. Cisco did update their advisory on May 30. You'll notice they changed the version number on the advisory and there's a new entry under the Revision History table. They will continue to update this advisory in the coming months. Our blog contains a link to our plugin search page that will be updated with additional product coverage as their updates roll out.
