Unpatched Zero-Day Vulnerability Actively Exploited in Cisco IOS XE

Threat Advisories

Unpatched Zero-Day Vulnerability Actively Exploited in Cisco IOS XE

October 18, 2023
Threat Level
Red
Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

The critical, unpatched security vulnerability identified as CVE-2023-20198 affects Cisco IOS XE software. Cisco IOS XE is a network operating system used in Cisco network devices. The identified flaw is an authentication bypass zero-day vulnerability within the IOS XE software and is actively exploited in the wild. This vulnerability enables unauthenticated attackers to obtain full administrator privileges and take remote control of affected Cisco routers and switches.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

Recent Posts

Join Our Newsletter 14,000+ subscribers and growing! Get top cybersecurity news delivered directly to your inbox.
Sign Up to Receive Our Weekly Threat Digest