Hive ProHIVEPRO:9663AC6F44347BB1AC502C29D5D9AD15Unpatched Zero-Day Vulnerability Actively Exploited in Cisco IOS XE
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.013 Low
EPSS
Percentile
84.0%
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The critical, unpatched security vulnerability identified as CVE-2023-20198 affects Cisco IOS XE software. Cisco IOS XE is a network operating system used in Cisco network devices. The identified flaw is an authentication bypass zero-day vulnerability within the IOS XE software and is actively exploited in the wild. This vulnerability enables unauthenticated attackers to obtain full administrator privileges and take remote control of affected Cisco routers and switches. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.
Related
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.013 Low
EPSS
Percentile
84.0%