The 2019 Pwnie Winner For Most Under-Hyped Research


Credit: Jatin Kataria and Red Balloon Security

Let’s address the elephant in the room: this is the first and only vulnerability whose name is written with emojis.

The vulnerability itself affects Cisco devices and provides a bypass to their secure boot mechanism.

The bugchain allowed you to own Cisco Routers. Part of the fun here is modifying the FPGA anchor bitstream, which lives in an unprotected flash RAM, as you would expect.