Thrangrycat flaw lets attackers plant persistent backdoors on Cisco gear

A vulnerability disclosed today allows hackers to plant persistent backdoors on Cisco gear, even over the Internet, with no physical access to vulnerable devices.

Named Thrangrycat, the vulnerability impacts the Trust Anchor module (TAm), a proprietary hardware security chip part of Cisco gear since 2013.

This module is the Intel SGX equivalent for Cisco devices. The TAm runs from an external, hardware-isolated component that cryptographically verifies that the bootloader that loads and executes on Cisco gear is authentic.

Read more…
Source: ZDNet