Cisco released a security advisory for a critical vulnerability (CVE-2023-20198) affecting the Web UI feature of Cisco IOS XE Software. The vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system.
Cisco is aware of active exploitation of this vulnerability, and is urging customers to take immediate action to mitigate the risk. Cisco has not yet released a software patch for this vulnerability, but has provided workarounds in its security advisory.
Australian Government Warns of Cisco IOS XE Software Zero Day Vulnerability
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has also issued a warning about the active exploitation of the Cisco IOS XE Software Web UI privilege escalation vulnerability. The ACSC is not aware of any successful exploitation attempts against Australian organisations at this time, but is strongly encouraging all organisations using the Web UI feature of Cisco IOS XE Software to follow the recommendations in Cisco’s security advisory.
Recommendations for Cisco IOS XE Software Users
Cisco IOS XE Software users are recommended to take the following actions to mitigate the risk of exploitation of the critical vulnerability in the Web UI feature:
- Disable the Web UI feature if it is not required.
- Implement strong password policies and multi-factor authentication for all users.
- Monitor network traffic for suspicious activity.
- Apply the workarounds provided in Cisco’s security advisory.
Customers are also advised to apply a software patch as soon as it is available from Cisco.
what is Cisco IOS XE
Cisco IOS XE is a network operating system that provides a wide range of features for routing, switching, and security. It is used on a variety of Cisco devices, including Catalyst switches, Nexus switches, and ASR routers.
IOS XE is based on a Linux kernel, which gives it a number of advantages over traditional monolithic operating systems. For example, IOS XE is more scalable, reliable, and secure. It is also easier to manage and automate.
IOS XE supports a wide range of features, including:
- Routing: IOS XE supports a variety of routing protocols, including OSPF, BGP, and IS-IS.
- Switching: IOS XE supports a variety of switching features, including VLANs, trunking, and spanning tree.
- Security: IOS XE includes a variety of security features, such as firewalls, access control lists, and intrusion prevention systems.
IOS XE is a popular choice for enterprise networks because it is scalable, reliable, and secure. It is also easy to manage and automate.
Here are some of the benefits of using Cisco IOS XE Software:
- Scalability: IOS XE is designed to scale to meet the needs of even the largest networks.
- Reliability: IOS XE is highly reliable and can withstand even the most demanding network conditions.
- Security: IOS XE includes a wide range of security features to protect your network from threats.
- Manageability: IOS XE is easy to manage and automate, which can save you time and money.