Need some extra support to improve your organization’s cybersecurity and resilience? DataLink can help.
Track Cisco’s updated advisory:
Multiple Vulnerabilities in Cisco IOS XE Software Web UI Feature
Cisco has issued patches to resolve the recent intrusion that impacted thousands of their devices.
- The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed them to log in with normal user access.
- The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system.
The vulnerabilities were discovered during the resolution of multiple Cisco TAC support cases.
Jump right to Cisco’s recommended mitigations here
Datalink makes cybersecurity easy. Let’s talk about hardening your defenses.
Contact us today.
(410) 729-0440 | Email