Sign up to save your podcasts
Or
Share CyberWeekly Breaking News - October 17th, 2023 - Cisco IOS XE Software CVSS 10.0
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
CyberWeekly Breaking News - October 17th, 2023 - Cisco IOS XE Software CVSS 10.0
Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system.
For more information:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z
View all episodes
By Wayne R. Selk, VP, Cybersecurity Programs & Executive Director, CompTIA ISAOCisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system.
For more information:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z