all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Active exploitation of Cisco IOS XE Software Web Management User Interface vulnerability

Add to bookmarks
Oct. 16, 2023, 3:40 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Overview 


  • Cisco has identified active exploitation of a previously unknown vulnerability in the Web User Interface (Web UI) feature of Cisco IOS XE software (CVE-2023-20198) when exposed to the internet or untrusted networks. This affects both physical and virtual devices running Cisco IOS XE software that also have the HTTP or HTTPS Server feature enabled.  

  • Successful exploitation of this vulnerability allows an attacker to create an account on the affected device with privilege level 15 access, effectively granting them full …

cisco cisco ios cisco ios xe cve devices exploitation exposed feature interface internet ios management networks physical running software the web untrusted user interface virtual vulnerability web

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

In it to win it! WeLiveSecurity shortlisted for European Security Blogger Awards 15 hours ago | malware.news
article awards blog blogger +6
How to talk about climate change – and what motivates people to action: An interview … 15 hours ago | malware.news
action anxiety change channel +9
Dell says names, addresses leaked after hacker claims access to 49M records 1 day, 3 hours ago | malware.news
access addresses article claims +14
2024-05-09: GootLoader activity 1 day, 6 hours ago | malware.news
analysis article gootloader link +5
Emerald Divide Uses GenAI to Exploit Social, Political Divisions in Israel Using Disinformation 1 day, 7 hours ago | malware.news
bad bad actors collaboration companies +21
Insights: FortiGuard Labs' Threat Landscape Report for H2 2023, Part 1 1 day, 8 hours ago | malware.news
article cybercriminals derek manky exploiting +12
Insights: FortiGuard Labs Threat Landscape Report for H2 2023, Part 2 1 day, 8 hours ago | malware.news
article cyberattacks derek manky fortiguard +12
F5 Fixes Critical RCE Bugs in BIG-IP Next Central Manager 1 day, 9 hours ago | malware.news
accounts attacker big big-ip +16
Google patches fifth Chrome zero-day of 2024 1 day, 9 hours ago | malware.news
article bug chrome chrome zero-day +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

G230ISSO2 - Mid Level Information System Security Officer - Cleared

@ NiSUS Technologies | Annapolis Junction, Maryland, United States
View on infosec-jobs.com

Security Incident Response Engineer

@ Oracle | JALISCO, Mexico
View on infosec-jobs.com

Security Compliance Specialist

@ Cloudflare, Inc. | Hybrid or Remote
View on infosec-jobs.com

Senior Security DevOps

@ SAP | Sofia, BG, 1407
View on infosec-jobs.com

Senior Cyber Security Engineer

@ Node.Digital | Dulles, Virginia, United States
View on infosec-jobs.com

Manager, Data Insights and Forensics

@ Kroll | New York City, United States
View on infosec-jobs.com
View more jobs