Oddly enough, it seems that there isn't yet a consensus on how consensus works. But from what I understand, consensus is trusted validators looking at the ledger, and certifying it. The only way this would be vulnerable is if a validator orchestrated a 51% attack.