Millions Of Cisco Routers Around the World Have One Big Security Flaw

Security researchers have discovered two big new vulnerabilities in popular Cisco enterprise routers that are used by hundreds of millions around the globe.

One vulnerability is particularly troubling – it allows hackers to bypass the “Trust Anchor” hardware feature, which is just about as fundamental to the routers’ security as it sounds like it is.

We explain what you need to know about the Cisco router security flaw, and what you can do if you own a Cisco router yourself.

What’s Wrong With the Cisco Routers?

The vulnerabilities were found by researchers at security firm Red Balloon. The first one lets hackers gain root access to the routers thanks to a bug in Cisco’s operating system. It’s not too uncommon as bugs go, and Cisco has already issued a Security Advisory to help business IT teams address and patch it.

The second vulnerability is the rough one. Red Balloon was able to bypass the “Trust Anchor” security feature on the Cisco ASR 1001-X series router. This has been a key security element in “almost all of the company’s enterprise devices since 2013,” according to Wired. The vulnerability forces a device to boot normally even when it detects a security breach, compromising all data that flows through the router.

While demonstrated solely on the 1001-X series router, this exploit can be given device-specific modifications that would allow it to completely compromise routers, network switches, and firewalls across over 100 Cisco product families around the globe.

Cisco has since issued a patch for this vulnerability. But the Red Balloon researchers believe it might not be possible to fully quash the problem without physically adapting the hardware itself.

Cisco Router Bug Implications

The full implications of this news are huge, given the sheer number of Cisco routers in use worldwide, and their importance in enterprise infrastructures.

And if all that wasn’t bad enough, it gets worse. The researchers hold that the nature of these vulnerabilities could guide the way towards entirely new manipulations of a core element of the Trust Anchor, FPGA bitstreams. This, in turn, could affect devices beyond those produced by Cisco.

If there’s an upside here, it’s that there’s no evidence that the vulnerability has been actively exploited by bad actors. As mentioned earlier, Cisco has published alerts on the two big risks to help patch them.

Naturally, Cisco stock dropped 4% right after the news broke, but has partially rebounded already. Meanwhile, one litigation firm has put out feelers to see if there’s any legal action to be taken against the company.

Still, this certainly isn’t the first big security risk for a major tech company, and it won’t be the last. In the end, it’s another example of how tech security protocols are a constant uphill battle.


Written by:
Adam is a writer at Tech.co and has worked as a tech writer, blogger and copy editor for more than a decade. He was a Forbes Contributor on the publishing industry, for which he was named a Digital Book World 2018 award finalist. His work has appeared in publications including Popular Mechanics and IDG Connect, and his art history book on 1970s sci-fi, 'Worlds Beyond Time,' was a 2024 Locus Awards finalist. When not working on his next art collection, he's tracking the latest news on VPNs, POS systems, and the future of tech.