Cisco discloses new IOS XE zero-day exploited to deploy malware implant
Cisco disclosed a new high-severity zero-day today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week.
On Monday, Cisco disclosed that unauthenticated attackers have been exploiting the CVE-2023-20198 authentication bypass zero-day since at least September 18 to hack into IOS XE devices and create accounts named "Cisco tac admin" and "Cisco support."
As revealed today, the CVE-2023-20273 privilege escalation zero-day is then used to gain root access and take complete control of Cisco IOS XE devices, deploying malicious implants that let the attackers execute arbitrary commands on the system.
Last month, Cisco warned customers to patch another zero-day bug in its IOS and IOS XE software, also targeted by attackers in the wild.
Over 10,000 Cisco devices hacked in IOS XE zero-day attacks.
Cisco warns of new IOS XE zero-day actively exploited in attacks.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-25 | CVE-2023-20273 | OS Command Injection vulnerability in Cisco IOS XE. A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. | 7.2 |
2023-10-16 | CVE-2023-20198 | Unspecified vulnerability in Cisco IOS XE. Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. | 10.0 |