October 21, 2023 at 12:33AM Cisco has alerted users to a zero-day flaw in IOS XE that has been actively exploited by an unknown threat actor. The flaw, tracked as CVE-2023-20273, allows for privilege escalation and the deployment of a malicious implant. Cisco has identified a fix and recommends disabling the HTTP server feature until … Read more
October 20, 2023 at 06:17PM Cisco has disclosed two high-severity zero-day vulnerabilities, CVE-2023-20198 and CVE-2023-20273, being actively exploited to compromise Cisco IOS XE devices. The company has found fixes for both vulnerabilities and plans to release them on October 22. Over 40,000 devices have already been compromised. System administrators are urged to disable the vulnerable … Read more
October 20, 2023 at 04:12PM Cisco is set to release a patch on October 22 for two zero-day vulnerabilities in its IOS XE devices. One vulnerability, discovered earlier, had already been exploited to compromise over 10,000 devices. A second flaw, identified later, is being used in the same exploit chain. Exploitation is expected to continue … Read more