Threat actors exploit zero-day vulnerabilities because these flaws are unknown to the software developers, making them highly effective for launching attacks.
Exploiting zero-days allows malicious actors to bypass security measures and gain unauthorized access or control over systems, maximizing their chances of success.
A new Zero-day vulnerability (CVE-2023-20198) in Cisco IOS XE’s Web UI feature that affects devices with exposed HTTP/HTTPS Server functionality when connected to the internet or untrusted networks has been discovered by Cisco.
The web user interface (UI) is a graphical user interface (GUI) based system administration application that simplifies system management without the need for any additional installation or licensing. However, it is strongly advised against exposing the web UI to the internet or unreliable networks due to potential security risks.
Cisco IOS XE Zero-day Vulnerability
Cisco detected…