Cisco's 'Thrangrycat' Router Flaw Tough to Neuter
Vulnerability Could Compromise Secure Boot Process
Researchers report finding a vexing vulnerability in Cisco routers that could invisibly undermine device integrity and allow attackers to take full control of a router.
Cisco has released a full list of affected products and issued fixes for some. Other fixes remain outstanding and are due to be released later this year. The researchers say the problem stems from a series of hardware design flaws that may be difficult to repair with software patches. Unfortunately, both Cisco and the researchers say there are no workarounds in the meantime.
The flaw, designated CVE-2019-164, was discovered by Jatin Kataria, Richard Housley and Ang Cui of Red Balloon Security, which investigates embedded systems. The team is due to present their research into the flaw and techniques for mitigating it in August at the Black Hat security conference in Las Vegas.
"We are unaware of any use of this exploit in the wild, but the potential danger is severe," the researchers write on a website dedicated to the vulnerability, which they have nicknamed Thrangrycat.
Cisco's routers and networking gear are used by governments and large enterprises worldwide, which could make this type of vulnerability extremely valuable for planting backdoors in widely used equipment. And although no attacks have been detected, Red Balloon says intrusion detection and prevention systems would be unable to detect or block this type of attack.
Undermining the Root of Trust
Red Balloon's research focused on Cisco's Trust Anchor module, or TAm, which is a secure, tamper-resistant chip that's part of the "root of trust." It's one of a series of technologies employed during the startup of a Cisco device to ensure that firmware running on the device hasn't been maliciously modified.
Cisco calls that startup process Secure Boot. If the integrity of the software is in question, the router will alert the user and reboot.
Cisco uses a Field Programmable Gate Array - or FPGA - as part of the Secure Boot process. The vulnerability found by the researchers is "an improper check on the area of code that manages on-premise updates," Cisco says in its advisory.
Exploiting the vulnerability could allow an attacker to rewrite the firmware image on the FPGA. Cisco says that could allow attackers to brick the router or in some cases "to install and boot a malicious software image."
When a device is turned on, the researchers warn, the FPGA "loads an unencrypted bitstream implementing the hardware Trust Anchor to provide root of trust functionality from a dedicated Serial Peripheral Interface (SPI) flash chip."
But an attacker who has root privileges on the device can modify that bitstream, which is stored in flash memory, they say.
"Elements of this bitstream can be modified to disable critical functionality in the TAm," they write. "Successful modification of the bitstream is persistent, and the Trust Anchor will be disabled in subsequent boot sequences. It is also possible to lock out any software updates to the TAm's bitstream."
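As an added illustration, not code from the article, Cisco or Red Balloon, the following Python model captures the boot sequence described above: the flash layout, the sample bitstream, and the idea of an immutable digest held in boot ROM are all constructed assumptions. It shows why a root-level write to an unauthenticated bitstream persists across every reboot, while a load gated by an integrity check halts instead.

```python
import hashlib
import hmac

# Constructed sample bitstream and flash layout (assumptions, not real values)
GOLDEN_BITSTREAM = b"\x00\x09\x0f\xf0" + b"TAM-LOGIC-v1" * 8
BITSTREAM_OFFSET = 0x1000


class SpiFlash:
    """Writable storage; anything running as root on the host can call write()."""

    def __init__(self, size: int = 0x4000) -> None:
        self.data = bytearray(size)

    def write(self, offset: int, blob: bytes) -> None:
        self.data[offset:offset + len(blob)] = blob

    def read(self, offset: int, length: int) -> bytes:
        return bytes(self.data[offset:offset + length])


def boot_unverified(flash: SpiFlash) -> bytes:
    """Boot path as the article describes it: load whatever flash holds."""
    return flash.read(BITSTREAM_OFFSET, len(GOLDEN_BITSTREAM))


def boot_verified(flash: SpiFlash, rom_digest: bytes) -> bytes:
    """Hardened path: a digest from immutable storage (assumed boot ROM) gates the load."""
    bitstream = flash.read(BITSTREAM_OFFSET, len(GOLDEN_BITSTREAM))
    if not hmac.compare_digest(hashlib.sha256(bitstream).digest(), rom_digest):
        raise RuntimeError("bitstream integrity check failed; halting boot")
    return bitstream


def simulate(tampered: bool, verified: bool, reboots: int = 3) -> list:
    """Return one result per boot: 'golden', 'modified' or 'halted'."""
    flash = SpiFlash()
    flash.write(BITSTREAM_OFFSET, GOLDEN_BITSTREAM)
    rom_digest = hashlib.sha256(GOLDEN_BITSTREAM).digest()
    if tampered:
        # A single root-level write to the stored bitstream; it is never undone
        flash.write(BITSTREAM_OFFSET + 4, b"XXXX")
    results = []
    for _ in range(reboots):
        try:
            bs = boot_verified(flash, rom_digest) if verified else boot_unverified(flash)
            results.append("golden" if bs == GOLDEN_BITSTREAM else "modified")
        except RuntimeError:
            results.append("halted")
    return results
```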
The researchers discovered the vulnerability using a Cisco ASR 1001-X router, which is marketed toward enterprises and managed service providers. Cisco's advisory, however, contains a lengthy list of systems that may be vulnerable. That should be the extent of the products affected, as Cisco says it has investigated all products that employ the hardware-based Secure Boot functionality.
Second Vulnerability - Fixed
A successful exploit requires root access on the device. But along with the disclosure of Thrangrycat came another vulnerability, found by Red Balloon researcher James Chambers. Good news: Cisco has already pushed a patch for this problem.
The issue, CVE-2019-1862, is a remote command injection vulnerability that affects Cisco's IOS XE 16. IOS is Cisco's operating system that runs on its routers and switches.
According to Cisco's description, an attacker with valid administrative access could exploit it "by supplying a crafted input parameter on a form in the Web UI and then submitting that form." In addition, "a successful exploit could allow the attacker to run arbitrary commands on the device with root privileges, which may lead to complete system compromise."
Red Balloon notified Cisco of both vulnerabilities on Nov. 8, 2018, and has been working with Cisco's Product Security Incident Response Team to publicly disclose the flaws. The researchers say they will analyze Cisco's patches upon release. But they expressed pessimism over the long-term consequences.
"Since Thrangrycat is fundamentally a hardware design flaw, we believe it will be very difficult, if not impossible to fully resolve this vulnerability via a software patch," the Red Balloon researchers write.
Cisco is already warning that the patches will require intense, manual effort to install.
"In most cases, the fix will require an on-premise reprogramming of a low-level hardware component that is required for normal device operation," the company says. "A failure during this reprogramming process may cause the device to become unusable and require a hardware replacement."