Exploit released for critical Cisco IOS XE flaw, many hosts still hacked

October 30, 2023 at 11:15PM Public exploit code for the critical Cisco IOS XE vulnerability (CVE-2023-20198) is now available, which has been used to hack tens of thousands of devices. Cisco has released patches for most IOS XE software releases, but internet scans show that thousands of systems are still compromised. Researchers have provided details … Read more

Cisco Finds New Zero Day Bug, Pledges Patches in Days

October 20, 2023 at 04:12PM Cisco is set to release a patch on October 22 for two zero-day vulnerabilities in its IOS XE devices. One vulnerability, discovered earlier, had already been exploited to compromise over 10,000 devices. A second flaw, identified later, is being used in the same exploit chain. Exploitation is expected to continue … Read more

Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,000

October 19, 2023 at 07:06AM Approximately 40,000 Cisco devices have been hacked through an unpatched vulnerability in the IOS XE. The vulnerability, identified as CVE-2023-20198, allows attackers to escalate privileges and gain control of the system. Cisco has not released patches and warns that the vulnerability has been exploited as a zero-day since mid-September. Vulnerability … Read more

Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability

October 18, 2023 at 07:00AM Tens of thousands of Cisco devices have been hacked through a newly disclosed zero-day vulnerability, CVE-2023-20198. Cisco is working on a patch, but in the meantime, customers are advised to implement mitigations. The vulnerability allows attackers to gain elevated privileges and complete control over targeted systems. Cybersecurity companies have observed … Read more

Zero-Day Alert: Ten Thousand Cisco IOS XE Systems Now Compromised

October 17, 2023 at 03:19PM Thousands of Internet exposed Cisco IOS XE devices have been infected by a threat actor exploiting an unpatched vulnerability. Cisco has disclosed the flaw, which allows arbitrary code execution, with a severity rating of 10 out of 10. The attacks have a global footprint and the compromised systems all have … Read more

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability

October 17, 2023 at 07:12AM Cisco has issued a warning about a zero-day vulnerability, CVE-2023-20198, affecting its IOS XE software. The vulnerability allows remote attackers to gain privileged access and take control of devices, potentially modifying network routing rules and exfiltrating data. Cisco has observed active exploitation of the vulnerability and is working on a … Read more

Critical, Unpatched Cisco Zero-Day Bug Is Under Active Exploit

October 16, 2023 at 04:52PM Cisco has disclosed a critical zero-day vulnerability in the Web User Interface of its IOS XE operating system. The flaw, assigned as CVE-2023-20198, affects all Cisco IOS XE devices with the Web UI feature enabled and allows attackers to create an account with complete device control. Cisco advises customers to … Read more