Cisco Security Alert – ROMMON Firmware Hack | Networks Are Cool

Cisco Security Alert

Well, it looks like the hackers are at it again. (BTW…I use the term “hackers” as my preferred term “slimy dog-poop scum” is too wordy…but either one works just as well.) Cisco just released a security alert concerning a hack which replaces the ROMMON firmware (the boot firmware) with malicious ROMMON code. This code does work, in terms of booting the router/switch properly, but it also contains malicious code. Fortunately, you do need either privileged access or physical access to the device. Note the credibility level…”Confirmed”.

Check out Cisco’s security alert here.

2 thoughts on “Cisco Security Alert – ROMMON Firmware Hack”

Shane Killen August 14, 2015 at 6:13 pm

Good info. Any idea how to spot it?

sr71rocks Post authorAugust 15, 2015 at 11:21 am

Good question…I’m still reading through everything. There is a way to verify firmware integrity…let me check.

Comments are closed.

Networks Are Cool — A Network Engineer's Blog

Having fun with networks and encouraging the next generation of network engineers

Cisco Security Alert – ROMMON Firmware Hack

2 thoughts on “Cisco Security Alert – ROMMON Firmware Hack”