Advisory

Cisco finally releases patches for IOS XE vulnerabilities

Take action: Now you can patch your Cisco IOS XE routers. We sincerely hope you have already deactivated the HTTP server on public interfaces, and haven't been hacked. Don't delay the patch, since someone may attack the same HTTP server on an internal interface.


Learn More

Cisco has released patches to address two zero-day vulnerabilities in its Cisco IOS XE system software, affecting devices such as routers and switches.

The patches are available for download through Cisco's software portal, and customers without service contracts can contact Cisco support for assistance.

These vulnerabilities, CVE-2023-20198 and CVE-2023-20273, allowed attackers to gain privileged access and execute commands with root privileges, with the former rated as critical and the latter as high severity.

The vulnerabilities were actively exploited, with estimates of the number of affected and compromised devices varying wildly, from several hundred to multiple tens of thousands.
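
As an added example (not from the original advisory or from Cisco), this script audits saved running-configs for the `ip http server` and `ip http secure-server` lines behind the advice above to deactivate the HTTP server. The hostnames and configs are constructed, and flagging a config that contains neither line is an assumption made here, since defaults differ by platform.

```python
import re

# Exact global-config lines that turn the IOS XE web UI on or off.
# Other "ip http ..." lines (authentication, client settings) must not match.
_LINE = re.compile(r"^(no\s+)?ip\s+http\s+(server|secure-server)\s*$")


def web_ui_state(running_config):
    """Return {'server': s, 'secure-server': s}; s is enabled/disabled/unknown."""
    state = {"server": "unknown", "secure-server": "unknown"}
    for raw in running_config.splitlines():
        m = _LINE.match(raw.strip())
        if m:
            state[m.group(2)] = "disabled" if m.group(1) else "enabled"
    return state


def needs_attention(running_config):
    """True unless both the HTTP and HTTPS servers are explicitly disabled.

    Assumption: a config with neither line is flagged for manual review.
    """
    return any(v != "disabled" for v in web_ui_state(running_config).values())


# Constructed sample configs (hostnames and contents are made up).
SAMPLES = {
    "edge-rtr-01": "hostname edge-rtr-01\nip http server\n"
                   "ip http secure-server\nip http authentication local\n",
    "core-sw-02": "hostname core-sw-02\nno ip http server\n"
                  "no ip http secure-server\n",
    "branch-rtr-03": "hostname branch-rtr-03\nno ip http server\n"
                     "ip http secure-server\n",
    "lab-rtr-04": "hostname lab-rtr-04\n"
                  "ip http client source-interface Loopback0\n",
}


def audit(configs):
    """Return sorted hostnames whose web UI is on or not provably off."""
    return sorted(h for h, cfg in configs.items() if needs_attention(cfg))


if __name__ == "__main__":
    for host in audit(SAMPLES):
        print(host, web_ui_state(SAMPLES[host]))
```

Devices the audit flags still need the patch in any case; the check only shows where the web UI remains reachable in the meantime.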
