Archived Content

In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
Alert

Evolution in Attacks Against Cisco IOS Software Platforms

Last Revised

Cisco has observed increasingly complex attacks that could allow an attacker to gain administrative access to a Cisco IOS device by installing a malicious ROMMON image. Successful exploitation using this image could allow an attacker to manipulate device behavior after the device is rebooted.

US-CERT encourages users and administrators to review the Cisco Security Activity Bulletin and apply recommendations to protect Cisco IOS devices.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts

We recently updated our anonymous product survey; we welcome your feedback.