The failure known as “😾😾😾” (CVE-2019-1649) allows an attacker to perform a bypass on the Trust Anchor module (TAm). The TAm is a mechanism that is considered the “root of trust” which supports all of Cisco’s other trusted security and computing mechanisms. The module stops manipulation of the Field Programmable Gate Array (FPGA) bit stream.
The researchers said the flaw allows “attackers to make persistent modifications to the Trust Anchor module via FPGA bitstream modification, thus defeating the safe boot process and invalidating the Cisco trust chain. Although failures are hardware-based, ‘😾😾😾’ can be exploited remotely, without the need for physical access. Because failures reside in hardware design, it is unlikely that any software security patch will fully resolve the vulnerability of fundamental security.”
A good example of how the “😾😾😾” fault can be exploited remotely is the other fault (CVE-2019-1862) encountered by the same team of researchers in the Cisco IOS XE web interface. The fault allows an attacker (already authenticated) to execute commands in the device’s Linux shell, with root privileges.
More details on these vulnerabilities will be reported in this year’s Black Hat USA Security Conference.