10.16.2023

Cisco IOS XE Web UI Vulnerability

Alert
  • facebook share link
  • twitter share link
  • linkedin share link
  • mail share link

Date of Notice: 10/16/2023

Action Level - Critical

Description

Cisco has released a security advisory regarding a vulnerability that was recently discovered in OS XE. This vulnerability is present on any IOS XE system with the web UI  feature enabled and if exploited could allow a remote, unauthenticated attacker to create a privilege level 15 account and gain control of the affected system. As of this writing there are no updates to remediate the vulnerability, but Cisco has provided instructions on disabling the web UI as well as indicators that a system has been compromised. 

Affected Versions

  • All versions of Cisco IOS XE as of this writing

Attack Vector

An unauthenticated attacker with network access to the device running IOS XE with web UI functionality enabled. 

Attack Feasibility 

Per Cisco, it is possible the vulnerability may have been exploited. See Cisco Security Advisory for relevant IOCs (Indicators of Compromise).

Mitigation

Cisco recommends disabling the HTTP and HTTPS Server features on all internet-facing systems. 

Remediation

There is no fix currently available for this vulnerability.

Vendor ResourcesCisco Security Advisory (includes recommended actions and IOCs)

MCNC
PO Box 12889
3021 East Cornwallis Road
RTP, NC 27709-2889
919-248-1900 Phone | 919-248-1101 Fax
Connect With Us
  • linkedin
  • instagram
  • x
  • facebook
  • youtube
© 2024 MCNC