On October 17th, 2023, Cisco issued a warning regarding a critical security vulnerability (CVE-2023-20198) affecting its IOS XE software¹². The vulnerability, which has a severity rating of 10.0 on the CVSS scoring system, exists in the web UI feature of IOS XE and could allow an unauthenticated remote attacker to create a privileged account on affected devices³¹. Successful exploitation of CVE-2023-20198 allows a remote, unauthenticated attacker to create an account on an affected device and use that account to obtain full administrator privileges, effectively enabling a complete takeover of the system³.

Cisco released a security advisory to address the vulnerability (CVE-2023-20198) affecting IOS XE Software Web UI on October 16th, 2023⁴. As of October 17th, 2023, there is no patch available for CVE-2023-20198³. Cisco recommends users and administrators to review the security advisory, apply the necessary recommendations, hunt for any malicious activity and report any positive findings to CISA, and apply patches when made available⁴.

This vulnerability is a zero-day vulnerability that is actively being exploited by cyber threat actors³. It is crucial that users and administrators take immediate action to mitigate the risk from this vulnerability. CISA encourages users and administrators to review the Cisco security advisory and apply the necessary recommendations⁴.