Critical Cisco IOS XE Software Bug – Zero-day vulnerability
October 20, 2023

Cisco has identified a zero-day vulnerability in the Web User Interface (Web UI) feature of Cisco IOS XE software, which is used in a wide range of networking devices. This affects physical and virtual devices running Cisco IOS XE software. This vulnerability allows a remote, unauthenticated attacker to create an account, then use it to take control of the system and compromise the network. There is no current patch for this vulnerability. Cisco recommends disabling the HTTP Server feature on all affected internet-facing systems.

In these circumstances, the only mitigation available is monitoring those devices for user creations and privilege escalations – which is a core function of SECNAP’s security platform and SOC service. With SECNAP Network Security, you get an unparalleled blend of protection, detection, and response capabilities, all bundled into one powerful package called CloudJacketXi.

SECNAP CloudJacketXi

Ensure your organization has robust cybersecurity protection that quickly identifies and contains potential breaches.

I want to learn more about SECNAP's solutions.

Stay up-to-date with the latest news and trends in cyber security. Follow SECNAP Network Security’s social media channels and get valuable insights, tips, and information to help protect your organization from online threats:

More Related Posts