
Serious zero-day vulnerability in Cisco's IOS XE software: attackers can take control of routers and switches

Serious security risk for Cisco devices: a zero-day vulnerability puts routers and switches at risk

Cisco has found a serious vulnerability in its IOS XE software that allows unauthenticated hackers to gain full administrator privileges and remote control of routers and switches. To mitigate risk, Cisco recommends disabling the HTTP server feature on devices exposed to the Internet.


Cisco has issued a critical security alert to administrators regarding a serious zero-day authentication bypass vulnerability in its IOS XE software. This flaw allows unauthenticated attackers to gain full administrator privileges and take complete control of routers and switches remotely.

Devices with the web UI enabled

This critical vulnerability is tracked as CVE-2023-20198 and is still awaiting a patch. It affects only devices that have the Web User Interface (Web UI) feature enabled together with the HTTP or HTTPS Server feature.

Attacks in progress and the ability to create accounts

Cisco has identified active exploitation of this previously unknown vulnerability in the Web User Interface (Web UI) component of Cisco IOS XE Software. Exploitation is possible when such devices are exposed to the Internet or to untrusted networks.

Cisco recommended mitigation measures

To mitigate this threat, Cisco recommends that administrators disable the HTTP server feature on systems exposed to the Internet, which removes the attack vector and blocks potential attacks. The company recommends that customers use commands such as no ip http server or no ip http secure-server in global configuration mode to completely disable the HTTP server feature. After disabling this feature, administrators should run the copy running-configuration startup-configuration command to ensure that the HTTP server feature is not unexpectedly enabled during system reboots.
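The mitigation above can be checked offline against exported configurations. The following is an added example, not Cisco's tooling or code from the original article: it reports whether the HTTP or HTTPS server is still enabled in the running configuration and whether the saved startup configuration would re-enable it at reboot. The function names, the sample configurations and the rule that a feature with no line in the file counts as disabled are assumptions.

```python
import re

# Global-config statements named in the article; "no " in front disables them.
HTTP_LINE = re.compile(r"(no )?(ip http (?:secure-)?server)")

def enabled_features(config_text):
    """Return the HTTP server features a configuration leaves enabled.

    Assumption: a feature with no line at all is treated as disabled;
    confirm against the platform's defaults before relying on that.
    """
    state = {}
    for raw in config_text.splitlines():
        line = raw.rstrip()
        # Skip blanks, '!' comments and indented sub-mode lines.
        if not line or line[0] in " !":
            continue
        m = HTTP_LINE.fullmatch(line)
        if m:
            state[m.group(2)] = m.group(1) is None  # last statement wins
    return {name for name, on in state.items() if on}

def audit(running, startup):
    """Classify a device from its running and startup configurations."""
    run_on = enabled_features(running)
    if run_on:
        return "EXPOSED", sorted(run_on)        # web UI server still active
    start_on = enabled_features(startup)
    if start_on:
        return "NOT_SAVED", sorted(start_on)    # returns after a reboot
    return "MITIGATED", []

# Constructed sample configurations (not taken from a real device).
RUNNING_FIXED = """\
hostname edge-rtr-01
!
no ip http server
no ip http secure-server
interface GigabitEthernet0/0/0
 ip address 192.0.2.1 255.255.255.0
"""
STARTUP_STALE = """\
hostname edge-rtr-01
ip http server
ip http secure-server
ip http authentication local
"""

if __name__ == "__main__":
    print(audit(RUNNING_FIXED, STARTUP_STALE))
```

A NOT_SAVED result is the case the last step of the mitigation guards against: the server is off now but the saved configuration would turn it back on.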


10/17/2023 08:37

Marco Verro
