Security News > 2023 > October > Cisco patches IOS XE zero-days used to hack over 50,000 devices

Cisco patches IOS XE zero-days used to hack over 50,000 devices
2023-10-23 14:08

Cisco has addressed the two vulnerabilities that hackers exploited to compromise tens of thousands of IOS XE devices over the past week.

Both vulnerabilities, which Cisco tracks as CSCwh87343, are in the web UI of Cisco devices running the IOS XE software.

On Cisco devices, permissions to issue commands are locked into levels from zero to 15, with zero providing five basic commands and 15 being the most privileged level that provides complete control over the device.

We can't know for sure until Cisco completes its investigation and provides a public report or other security researchers come to a conclusion analyzing a breached Cisco IOS XE system.

Over 40,000 Cisco IOS XE devices infected with backdoor using zero-day.

Over 10,000 Cisco devices hacked in IOS XE zero-day attacks.


News URL

https://www.bleepingcomputer.com/news/security/cisco-patches-ios-xe-zero-days-used-to-hack-over-50-000-devices/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751