Security News > 2023 > October > Cisco warns of new IOS XE zero-day actively exploited in attacks
Cisco warned admins today of a new and maximum severity zero-day vulnerability in its IOS XE Software that can let attackers gain full administrator privileges and take complete control of affected routers.
"Cisco has identified active exploitation of a previously unknown vulnerability in the Web User Interface feature of Cisco IOS XE software when exposed to the internet or untrusted networks," the company revealed today.
Cisco identified related activity dating back to September 18 following further investigation into the attacks.
Last month, Cisco cautioned customers to patch another zero-day vulnerability in its IOS and IOS XE software targeted by attackers in the wild.
Cisco urges admins to fix IOS software zero-day exploited in attacks.
Cisco warns of VPN zero-day exploited by ransomware gangs.
News URL
Related news
- Google fixes two Android zero-days used in targeted attacks (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Palo Alto Networks patches two firewall zero-days used in attacks (source)
- Apple fixes two zero-days used in attacks on Intel-based Macs (source)
- Apple Patches Two Zero-Day Attack Vectors (source)
- Japan warns of IO-Data zero-day router flaws exploited in attacks (source)
- Fully patched Cleo products under renewed 'zero-day-ish' mass attack (source)
- New Cleo zero-day RCE flaw exploited in data theft attacks (source)
- Cleo patches critical zero-day exploited in data theft attacks (source)