Cisco fixes critical IOS XE bug but malware crew way ahead of them

After a six-day wait, Cisco started rolling out a patch for a critical bug that miscreants had exploited to install implants in thousands of devices.
The flaw in the networking giant's IOS XE software, which allowed criminals to hijack thousands of Cisco switches and routers, first came to light last Monday.
The good news: Cisco kept its Sunday promise and made available the first fixed software release, 17.9.4a, with more updates to come at a still undisclosed date.
On Monday, Cisco updated its security advisory to provide "Enhanced guidance to detect the presence of the implant, after uncovering a new variant that hinders identification of compromised systems," a spokesperson told The Register.
The first fixed release, 17.9.4a, addresses both flaws, and updates for earlier versions will be made available, according to Cisco.
"We have observed that the implant placed on tens of thousands of Cisco devices has been altered to check for an Authorization HTTP header value before responding," the analysts xeeted on Monday.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/10/23/cisco_iosxe_fix/