It took a while, but Cisco is close to releasing a patch to fix a critical flaw in the company’s software that a hacking group has been actively exploiting.
Customers can expect Cisco to roll out the patch on Sunday, Oct. 22, the company said in an updated advisory. In addition, the vendor has identified a second flaw that hackers have been abusing to hijack affected Cisco devices.
On Monday, the company warned the public about CVE-2023-20198, a vulnerability in Cisco IOS XE software used across the company’s routers, switches, and wireless controller products. Starting last month, Cisco detected a mysterious hacking group exploiting the flaw to gain remote access to customer devices.
Cisco originally thought CVE-2023-20198 enabled the attackers to gain full system privileges on an affected device. But in Friday’s update, the company said it only allowed the hackers to “create a local user and password combination” for normal access. To gain root access to Cisco devices for a full takeover, the group has also been abusing a second flaw, dubbed CVE-2023-20273.
“We have now identified a fix that covers both vulnerabilities and estimate initial releases will be available to customers starting October 22,” Cisco told PCMag in a statement.
The bad news is that possibly tens of thousands of Cisco devices have already been taken over. On Friday, the nonprofit security group Shadowserver detected evidence that over 37,000 Cisco devices across the globe have been tampered with. That said, only 19,000 of the devices carried malicious implants that contained a unique signature, “which may suggest that around 19K is the actual amount of compromised devices,” the group added.
The hijacking could allow the hacking group to
Read more on pcmag.com