Cisco disclosed a new high-severity zero-day vulnerability (CVE-2023- 20273) that is actively being exploited to deploy malicious implants on IOS XE devices.
Cisco recently disclosed a new high severity vulnerability which affects Web UI feature of Cisco IOS XE devices.
This newly identified flaw tracked as CVE-2023-20273, is actively being exploited to deploy malicious implants on IOS XE devices.
This vulnerability is linked with another zero-day vulnerability (CVE-2023-20198) that was disclosed earlier by Cisco. The advisory updates the guidance given earlier in SQTK_ADV_2023_0051 – Vulnerability in Cisco IOS XE.
According to Cisco, fixes for both CVE-2023-20198 and CVE-2023-20273 are now available.