![]() Vulnerable Products: Any Cisco switch, router, or wireless LAN controller running IOS XE with the HTTP or HTTPS Server feature enabled and exposed online. ![]() The implant is temporary, being eliminated upon reboot, but created user accounts persist. Upon exploitation, attackers have primarily been deploying an implant, enabling them to run malicious commands. Impact: Allows attackers to create an admin-level account, granting them full control of the compromised device.Įxploitation: Active exploitation has been observed since at least September 18. ![]() Severity Rating: 10 out of 10 – the highest severity. Urgent Security Alert: Cisco Zero-Day Vulnerability Under Active ExploitationĬisco has identified a grave zero-day vulnerability (CVE-2023-20198) within the Web User Interface of their IOS XE software, posing a significant threat to exposed Internet and untrusted networks. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |