Security News > 2023 > October > Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices
2023-10-21 03:46
Cisco has warned of a new zero-day flaw in IOS XE that has been actively exploited by an unknown threat actor to deploy a malicious Lua-based implant on susceptible devices. Tracked as CVE-2023-20273 (CVSS score: 7.2), the issue relates to a privilege escalation flaw in the web UI feature and is said to have been used alongside CVE-2023-20198 as part of an exploit chain. "The attacker first
News URL
https://thehackernews.com/2023/10/cisco-zero-day-exploited-to-implant.html
Related news
- Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack (source)
- Palo Alto Networks zero-day exploited since March to backdoor firewalls (source)
- Palo Alto Networks fixes zero-day exploited to backdoor firewalls (source)
- ArcaneDoor hackers exploit Cisco zero-days to breach govt networks (source)
- Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359) (source)
- State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage (source)
- Week in review: Two Cisco ASA zero-days exploited, MITRE breach, GISEC Global 2024 (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-25 | CVE-2023-20273 | Unspecified vulnerability in Cisco IOS XE A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. | 7.2 |
| 2023-10-16 | CVE-2023-20198 | Unspecified vulnerability in Cisco IOS XE Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. | 10.0 |