A vulnerability in Cisco routers has massive global implications. To compromise the routers, researchers from the security firm Red Balloon exploited two vulnerabilities. The first is a bug in Cisco’s IOS operating system—not to be confused with Apple’s iOS—which would allow a hacker to remotely obtain root access to the devices…The second vulnerability, though, is much more sinister. Once the researchers gain root access, they can bypass the router’s most fundamental security protection. Known as the Trust Anchor, this Cisco security feature has been implemented in almost all of the company’s enterprise devices since 2013…In practice, this means an attacker could use these techniques to fully compromise the networks these devices are on. Given Cisco’s ubiquity, the potential fallout would be enormous.
Source: WIRED