Red Balloon discovered a vulnerability which allows an attacker to persistently bypass Cisco’s proprietary secure boot mechanism and lock out future updates.
Internal R&D
2019
Thrangrycat is caused by a series of hardware design flaws within Cisco’s Trust Anchor module (TAm), a proprietary hardware security module used in a wide range of Cisco products, including enterprise routers, switches and firewalls. TAm is the root of trust that underpins all other Cisco security and trustworthy computing mechanisms in these devices. Thrangrycat allows an attacker to make persistent modifications to the Trust Anchor module via FPGA bitstream modification, thereby defeating the secure boot process and invalidating Cisco’s chain of trust at its root. This vulnerability was discovered by Red Balloon Security during internal research.
Following Black Hat 2019 and DEF CON 27, Red Balloon Security released open-source tools, available on GitHub, including a Binary Abstraction Layer (BAL) package, a tiny framework for analyzing and manipulating binary data.
See the presentation here.
Sal Stolfo was an original founding member of Red Balloon Security, Inc.
© 2022 Red Balloon Security. All Rights Reserved.
Reach out to learn more about our embedded security offering and to schedule a demo.