Security News > 2023 > October > Cisco warns of new IOS XE zero-day actively exploited in attacks
Cisco warned admins today of a new and maximum severity zero-day vulnerability in its IOS XE Software that can let attackers gain full administrator privileges and take complete control of affected routers.
"Cisco has identified active exploitation of a previously unknown vulnerability in the Web User Interface feature of Cisco IOS XE software when exposed to the internet or untrusted networks," the company revealed today.
Cisco identified related activity dating back to September 18 following further investigation into the attacks.
Last month, Cisco cautioned customers to patch another zero-day vulnerability in its IOS and IOS XE software targeted by attackers in the wild.
Cisco urges admins to fix IOS software zero-day exploited in attacks.
Cisco warns of VPN zero-day exploited by ransomware gangs.
News URL
Related news
- DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack (source)
- Cisco warns of password-spraying attacks targeting VPN services (source)
- Microsoft fixes two Windows zero-days exploited in malware attacks (source)
- Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack (source)
- Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks (source)
- Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack (source)
- Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days (source)
- Cisco warns of large-scale brute-force attacks against VPN services (source)
- Fire in the Cisco! Networking giant's Duo MFA message logs stolen in phish attack (source)
- Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services (source)