"Cisco Unveils Zero-Day Exploits and Pledges Swift Fixes for Thousands of Devices"
Cisco has issued a warning about a zero-day flaw in its IOS XE software that has been actively exploited by unknown threat actors to deploy a malicious Lua-based implant on vulnerable devices. The flaw, tracked as CVE-2023-20273, allows for privilege escalation through a web UI feature and has been used in conjunction with another vulnerability, CVE-2023-20198, to create an exploit chain. Cisco has identified a fix for both vulnerabilities, which will be available to customers starting October 22, 2023. In the meantime, it is recommended to disable the HTTP server feature. Over 41,000 Cisco devices running the vulnerable software are estimated to have been compromised, primarily affecting smaller entities and individuals.