"Thousands of Cisco IOS XE Devices Hacked in Widespread Attacks"

Attackers have exploited a recently disclosed critical zero-day vulnerability to infect thousands of Cisco IOS XE devices with malicious implants. According to the threat intelligence company VulnCheck, the maximum-severity vulnerability, tracked as CVE-2023-20198, has been widely exploited in attacks against Cisco IOS XE routers and switches that have the Web User Interface (Web UI) and the HTTP or HTTPS Server feature enabled. VulnCheck scanned Internet-facing Cisco IOS XE web interfaces and found thousands of compromised and infected hosts. The company also released a scanner for detecting these implants on affected devices. This article continues to discuss the infection of thousands of Cisco IOS XE devices with malicious implants.

Bleeping Computer reports "Thousands of Cisco IOS XE Devices Hacked in Widespread Attacks"

Submitted by grigby1 
