Security Advisory: CVE-2023-20198 - Unpatched CISCO Zero-Day Vulnerability

Listed as CVE-2023-20198, this vulnerability has been assigned the maximum severity rating of 10.0 on the CVSS scoring system. The exploitation of this vulnerability can lead to malicious actors gaining full control over network devices. It's essential for administrators with Cisco equipment to take immediate action and implement protective measures as outlined by Cisco.

Urgent Security Alert: Cisco Zero-Day Vulnerability Under Active Exploitation

Cisco has identified a grave zero-day vulnerability (CVE-2023-20198) within the Web User Interface of their IOS XE software, posing a significant threat to devices exposed to the Internet and untrusted networks.

Severity Rating: 10 out of 10, the highest severity.

Impact: Allows attackers to create an admin-level account, granting them full control of the compromised device.

Exploitation: Active exploitation has been observed since at least September 18. Upon exploitation, attackers have primarily been deploying an implant, enabling them to run malicious commands. The implant is temporary, being eliminated upon reboot, but created user accounts persist.

Vulnerable Products: Any Cisco switch, router, or wireless LAN controller running IOS XE with the HTTP or HTTPS Server feature enabled and exposed online. Estimates suggest up to 80,000 Internet-connected devices could be affected.

Current Status: Cisco's Talos security team has provided immediate measures to counteract this threat.

Deactivate the HTTP and HTTPS server feature on any Internet-facing systems. Cisco has stressed that this feature should never be active on such systems.

Monitor for potential breaches by searching for new or unexplained users on devices. Suspect admin accounts might be named “cisco_tac_admin” or “cisco_support”.

Carefully review and monitor system logs for suspicious activity. Two specific IP addresses identified as exploiting the vulnerability are 5.149.24974 and 11.

For detailed guidance, refer to Cisco’s official advisory: CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z
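The two configuration checks the advisory describes (HTTP/HTTPS server feature enabled, and new or suspect local users) can be run over saved running-config text. The following is an added example, not code from Cisco or from the original post; the sample configuration is constructed, and the function name and the `known_admins` allowlist are hypothetical.

```python
import re

# Account names the advisory lists as suspect.
SUSPECT_NAMES = {"cisco_tac_admin", "cisco_support"}

# Constructed sample of a saved IOS XE running-config (not from a real device).
SAMPLE_CONFIG = """\
hostname edge-rtr-01
!
username netops privilege 15 secret 9 $9$CONSTRUCTED
username cisco_tac_admin privilege 15 secret 9 $9$CONSTRUCTED
username readonly privilege 1 secret 9 $9$CONSTRUCTED
!
ip http server
ip http secure-server
!
"""

# Assumes "privilege N" directly follows the name, as in running-config output.
USER_RE = re.compile(r"^username\s+(\S+)(?:\s+privilege\s+(\d+))?")
# Anchored at line start, so "no ip http server" (feature disabled) never matches.
HTTP_RE = re.compile(r"^ip http (server|secure-server)\s*$")


def audit_config(text, known_admins=frozenset()):
    """Report enabled HTTP(S) server features and suspect or unexplained users.

    known_admins is a hypothetical allowlist of local accounts the operator
    expects; any other privilege-15 user is reported as unexplained.
    """
    findings = {"http_features": [], "suspect_users": [], "unexplained_admins": []}
    for raw in text.splitlines():
        line = raw.strip()
        m = HTTP_RE.match(line)
        if m:
            findings["http_features"].append(m.group(1))
            continue
        m = USER_RE.match(line)
        if not m:
            continue
        # A username line without an explicit level is treated as privilege 1.
        name, priv = m.group(1), int(m.group(2) or 1)
        if name.lower() in SUSPECT_NAMES:
            findings["suspect_users"].append(name)
        elif priv == 15 and name not in known_admins:
            findings["unexplained_admins"].append(name)
    return findings


if __name__ == "__main__":
    for check, hits in audit_config(SAMPLE_CONFIG, {"netops"}).items():
        print(f"{check}: {hits or 'none'}")
```

Because the implant is removed by a reboot while created accounts persist, the user check remains meaningful on a device that has since been restarted.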