Researchers have discovered a severe vulnerability in Cisco products that could allow attackers to implant persistent backdoor on wide range devices used in enterprises and government networks. The vulnerability, discovered by researchers from security firm Red Balloon, affects multiple Cisco products. The full details of the vulnerabilities will be released at this year’s Black Hat USA security conference in August. Red Balloon Security privately reported the issues to Cisco in November 2018 and only release some details to the public after Cisco issued firmware patches to address both flaws and listed all affected products.
Source: https://thehackernews.com/2019/05/cisco-secure-boot-bypass.html