Cisco Warns of Critical Zero-Day Flaw Targeting Internet-Connected Devices

Kansas courts disrupted by widespread security incident, Neuberger hopes other countries will agree not to pay ransoms, Sandworm compromised Ukraine telcos, Fake rocket alert app spreads malware, more

Image by Simon from Pixabay

Cisco Talos urges customers to protect their devices after discovering a critical, actively exploited zero-day vulnerability that gives threat actors full administrative control of networks, affecting as many as 80,000 Internet-connected devices.

The previously unknown vulnerability, tracked as CVE-2023-20198, carries the maximum severity rating of 10. It resides in the Web User Interface of Cisco IOS XE software when exposed to the Internet or untrusted networks. Any switch, router, or wireless LAN controller running IOS XE that has the HTTP or HTTPS Server feature enabled and exposed to the Internet is vulnerable.

Cisco said an unknown threat actor has been exploiting the zero-day since at least September 18. The attacker creates a local user account after using the vulnerability to become an authorized user. In mos…