Cisco Systems says it is aware of a limited number of cases where attackers have replaced the boot firmware on devices running its IOS operating system. The attack is the equivalent of replacing the BIOS or UEFI on PCs with a malicious version. The attackers used valid administrative credentials in order to replace the ROMMON image on IOS devices, Cisco said. It’s not clear how the attackers obtained the administrative credentials used in the attacks, but it should serve as a warning for companies with IOS equipment.”]