all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Cisco IOS XE zero-day exploited by attackers to deliver implant (CVE-2023-20198)

Add to bookmarks
Oct. 16, 2023, 7:28 p.m. | Zeljka Zorz

Help Net Security www.helpnetsecurity.com

A previously unknown vulnerability (CVE-2023-20198) affecting networking devices running Cisco IOS XE software is being exploited by a threat actor to take control of the devices and install an implant, Cisco Talos researchers have warned today. About CVE-2023-20198 CVE-2023-20198 is a privilege escalation vulnerability in the web UI feature of Cisco IOS XE software, which is installed on various Cisco controllers, switches, edge, branch and virtual routers. The web UI is an embedded GUI-based tool … More


The post …

0 day actor attack attackers cisco cisco ios cisco ios xe cisco talos control cve devices don't miss escalation exploited feature hot stuff implant install ios networking privilege privilege escalation researchers running software talos the web threat threat actor today vulnerability web zero-day

Visit resource

More from www.helpnetsecurity.com / Help Net Security

ThreatX provides always-active API security from development to runtime an hour ago | www.helpnetsecurity.com
api api security application application protection +19
CyberQP unveils solutions to help MSPs proactively prevent security incidents an hour ago | www.helpnetsecurity.com
account api capabilities cyberqp +16
Triangulation fraud: The costly scam hitting online retailers 5 hours ago | www.helpnetsecurity.com
ai-powered america artificial intelligence attacks +33
Tracecat: Open-source SOAR 5 hours ago | www.helpnetsecurity.com
ai models alerts automation best practices +20
Why the automotive sector is a target for email-based cyber attacks 6 hours ago | www.helpnetsecurity.com
abnormal abnormal security advanced attacks +28
Passwords under seven characters can be easily cracked 6 hours ago | www.helpnetsecurity.com
algorithms can characters crack +17
Security analysts believe more than half of tasks could be automated 7 hours ago | www.helpnetsecurity.com
analysts anomali artificial intelligence automated +22
eBook: Do you have what it takes to lead in cybersecurity? 7 hours ago | www.helpnetsecurity.com
can cybersecurity cybersecurity field cybersecurity teams +15
UK enacts IoT cybersecurity law 20 hours ago | www.helpnetsecurity.com
act and telecommunications consumer cybersecurity +35

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Architect - Identity and Access Management Architect (80-100% | Hybrid option)

@ Swiss Re | Madrid, M, ES
View on infosec-jobs.com

Alternant - Consultant HSE (F-H-X)

@ Bureau Veritas Group | MULHOUSE, Grand Est, FR
View on infosec-jobs.com

Senior Risk/Cyber Security Analyst

@ Baker Hughes | IN-KA-BANGALORE-NEON BUILDING WEST TOWER
View on infosec-jobs.com

Offensive Security Engineer (University Grad)

@ Meta | Bellevue, WA | Menlo Park, CA | Seattle, WA | Washington, DC | New York City
View on infosec-jobs.com

Senior IAM Security Engineer

@ Norfolk Southern | Atlanta, GA, US, 30308
View on infosec-jobs.com
View more jobs