#iosxe — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #iosxe, aggregated by home.social.
-
Cisco Confirms Critical CVE-2025-20352 Zero-Day RCE Vulnerability Under Active Exploitation https://thecyberexpress.com/cisco-ios-rce-vulnerability-cve-2025-20352/ #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202520352 #CyberNews #CiscoIOS #IOSXE #PSIRT #RCE
-
Cisco Confirms Critical CVE-2025-20352 Zero-Day RCE Vulnerability Under Active Exploitation https://thecyberexpress.com/cisco-ios-rce-vulnerability-cve-2025-20352/ #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202520352 #CyberNews #CiscoIOS #IOSXE #PSIRT #RCE
-
Cisco Confirms Critical CVE-2025-20352 Zero-Day RCE Vulnerability Under Active Exploitation https://thecyberexpress.com/cisco-ios-rce-vulnerability-cve-2025-20352/ #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202520352 #CyberNews #CiscoIOS #IOSXE #PSIRT #RCE
-
Cisco Confirms Critical CVE-2025-20352 Zero-Day RCE Vulnerability Under Active Exploitation https://thecyberexpress.com/cisco-ios-rce-vulnerability-cve-2025-20352/ #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202520352 #CyberNews #CiscoIOS #IOSXE #PSIRT #RCE
-
⚠️ Kritisk sårbarhet i Cisco IOS XE Wireless Controller – godtycklig filuppladdning möjlig. CVSS-score på 10 av 10 möjliga!
#Cisco #IOSXE #CiscoWLC #CVSS10 #CVE202520188 #Sårbarhet #Informationssäkerhet #ITsäkerhet #RootAccess #RCE #JWT #HardCodedCredentials #PathTraversal #WirelessLAN #Catalyst9800 #Nätverkssäkerhet #Sårbarhetsanalys #Exploit #Cybersecurity #SecurityAdvisory
-
🚨 #Cisco #IOSXE #CVE-2023-20198 #CVE-2023-20273
It's been a while, exploit activity has decreased || mostly consists of Auth Bypass + simple recon.
However, we recently found a new version of the Implant 👀 No clear #attribution for now, original TA or copycat? #IoC ⬇️
Since the MO and Implant code of the original TA are widely known by now we can't tie it to them confidently.
What stands out in this case:
1. new path (84c8bc4.html) + 404 return
2. separation of the Implant delivery and C2 infra:138.122.193[.]157📥
134.122.75[.]64📣The commands issued during the Implant delivery stayed the same for the most part, although now the attacker calculated SHA-1 hashsums of dropped files to read back and verify their integrity.
/var/www/f099.css
/tmp/pvp_coco
/tmp/pvp_wd_runDid anyone spot similar activity? We'd love to hear from you!
Thanks for reading today's thread 🍪
-
🚨 #Cisco #IOSXE #CVE-2023-20198 #CVE-2023-20273
We updated our #IoC for exploit attempts that hit our honeypot. You can find them on #GitHub: https://github.com/SIFalcon/research/blob/main/CVE-2023-20198/ioc.txt
Based on modus operandi and infrastructure we managed to cluster certain attacking hosts togehter ⬇️
We also saw new traffic to the Implant, this time from 107.175.229[.]142, again via the user "cisco_support". Executed recon commands include:
show ip interface brief
show ip dns view
show ip name-servers -
Cisco IOS XE und die verschwundenen Hintertüren
Die Anzahl der offensichtlich kompromittierten Geräte ist auch in Deutschland schlagartig gefallen, was wohl kaum an den gerade erschienenen Patches liegt.
-
New Cisco IOS XE zero day vulnerability has been disclosed as CVE-2023-20198.
This vulnerability is being actively exploited with thousands of Cisco IOS XE devices being breached.
This vulnerability has a CVSS score of 10/10 and affects any Cisco IOS XE devices with HTTP/HTTPS service enabled & is Internet facing. Successful exploitation by the attacker could allow them to create admin-level accounts & take over the network.
https://arstechnica.com/security/2023/10/actively-exploited-cisco-0-day-with-maximum-10-severity-gives-full-network-control/
#infosec #cybersecurity #Cisco #IOSXE #CVE_2023_20198 #zeroday -
"🚨 Critical Vulnerability in Cisco IOS XE Software Web UI! 🚨"
Cisco has identified a critical privilege escalation vulnerability in the web UI feature of Cisco IOS XE Software. If exposed to the internet or untrusted networks, this flaw allows remote, unauthenticated attackers to create an account with privilege level 15 access, potentially gaining control of the affected system. 🕸️💻
Cisco is actively aware of the exploitation of this vulnerability. The issue was discovered during the resolution of multiple Cisco TAC support cases. There are currently no workarounds available. However, Cisco recommends disabling the HTTP Server feature on all internet-facing systems as a precautionary measure. 🚫🌐
For more details and to check if your system might be affected, visit the official advisory: Cisco Security Advisory
Tags: #Cisco #IOSXE #WebUI #Vulnerability #PrivilegeEscalation #CyberSecurity #InfoSec #PatchNow 🛡️🔐
-
"Mehr als 15 Millionen verwundbare Systeme mit #Schwachstellen aus dem Known-Exploited-Vulnerabilities-Catalog (#KEV) der US-Cyber-#Sicherheitsbehörde #CISA haben IT-Sicherheitsforscher von Rezilion mit der Datenbank #Shodan aufgespürt."
#KRITIS #Security #Exploits #Windows #AdobeFlashPlayer #InternetExplorer #MicrosoftOffice #GoogleChrome #AppleiOS #CiscoIOS #IOSXE
-
Updates beseitigen eine lokale Angriffsmöglichkeit mit hoher Risiko-Einstufung. Weitere Aktualisierungen schließen "Medium"-Lücken in anderen Cisco-Produkten.
Cisco: Schwachstelle in IOS XE (SD-WAN) macht mehrere Produkte angreifbar -
Der Netzwerkausrüster hat jede Menge Sicherheitslücken geschlossen. Erfolgreiche Attacken können gefährliche Auswirkungen haben.
Sicherheitsupdates: Kritische Admin-Lücke mit Höchstwertung bedroht Cisco-Geräte -
Der Netzwerkausrüster Cisco hat für verschiedene Produkte Patches veröffentlicht, die mehrere Sicherheitslücken schließen. Sicherheitsupdates: Admin-Lücke bedroht Cisco Business Process Automation -
Admins aufgepasst: Vor dem Start ins Wochenende warten noch Updates für IOS und IOS XE, die insgesamt 34 Schwachstellen mit hoher Risikoeinstufung schließen.
Security-Updatepaket für Ciscos Netzwerkbetriebssysteme IOS und IOS XE -
Verschiedene Router des Netzwerkausrüsters Cisco sind angreifbar. Sicherheitspatches stehen noch aus.
Cisco kämpft mit kritischer Telnet-Lücke im IOS-XE-Betriebssystem
#Cisco #IOSXE #Patchday #Sicherheitslücken #Telnet #Update #Workaround