Patch arrives for Cisco’s IOS XE

Cisco has announced a fix for a vulnerability in its IOS XE software that allowed attackers to create privileged accounts on vulnerable devices.

The vendor said last week that the vulnerability was under exploitation by attackers, and promised to update customers when a patch was available.

On October 22, it updated its advisory to confirm a patch is now available.

At the same time, the company also expanded the scope of the advisory.

In addition to the original vulnerability, CVE-2023-20198, Cisco’s investigation revealed a second zero-day bug used in the attacks, designated CVE-2023-20273.

The attackers utilised the account they created using CVE-2023-20198 to exploit CVE-2023-20273.

“The attacker then exploited [CVE-2023-20273] leveraging the new local user to elevate privilege to root and write the implant to the file system,” the updated advisory said.

Users unable to upgrade can disable the web UI.
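Two things a defender would want to check on a device in light of the above are whether any unexpected privilege-15 local accounts exist and whether the web UI (HTTP/HTTPS server) is still enabled. The following audit script is an added example, not Cisco's code or tooling; the running-config it parses is constructed, and the hostname, usernames and allowlist are assumptions.

```python
"""Audit IOS XE running-config text for unexpected privilege-15 local users
and for an enabled web UI. Added example; the sample config is constructed."""
import re

# Constructed sample of `show running-config` output, not from a real device.
SAMPLE_CONFIG = """\
hostname edge-rtr-01
!
username netadmin privilege 15 secret 9 $9$constructed1
username svc_backup privilege 15 secret 9 $9$constructed2
username monitor privilege 1 secret 9 $9$constructed3
!
ip http server
ip http secure-server
!
end
"""

# Matches lines such as: username <name> privilege <level> ...
USER_RE = re.compile(r"^username\s+(\S+)\s+privilege\s+(\d+)", re.M)


def privileged_users(config: str) -> list[str]:
    """Return local usernames configured with privilege level 15, in config order."""
    return [name for name, level in USER_RE.findall(config) if int(level) == 15]


def unexpected_admins(config: str, allowlist: set[str]) -> list[str]:
    """Privilege-15 users absent from the known-admin allowlist; each needs review."""
    return [user for user in privileged_users(config) if user not in allowlist]


def web_ui_enabled(config: str) -> dict[str, bool]:
    """Report whether the HTTP and HTTPS servers are on.

    A disabled server appears as 'no ip http server' / 'no ip http secure-server',
    which does not match the exact enabled-line comparison below.
    """
    lines = {line.strip() for line in config.splitlines()}
    return {
        "http": "ip http server" in lines,
        "https": "ip http secure-server" in lines,
    }


if __name__ == "__main__":
    known_admins = {"netadmin"}  # assumed allowlist for this constructed config
    print("unexpected privilege-15 users:", unexpected_admins(SAMPLE_CONFIG, known_admins))
    print("web UI state:", web_ui_enabled(SAMPLE_CONFIG))
```

Feed it the text of `show running-config` from a real device and compare the allowlist against your own inventory of approved administrators.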

Fixes have been released for IOS XE versions 17.9, 17.6 and 17.3, and for Catalyst 2650 and 3850 units, version 16.12.

IOS XE is a Linux-based variant of Cisco’s IOS operating system, and is used in a variety of switch, router, and virtual router products.


