Advisory No: TZCERT/SA/2023/10/20
Date of First Release: 20th October 2023
Software Affected: Cisco IOS XE Software
Cisco has issued an advisory detailing a Zero-Day vulnerability which has resulted to active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks.
A Cisco IOS XE Software with an enabled Web UI feature (HTTP through ip http server command or HTTPS through ip http secure–server command) is affected with this vulnerability and allows a remote unauthenticated attacker to create an account and use it to gain access to the system.
The Web User Interface (Web UI) provides network administrators with a single solution for provision, monitoring, and optimizing devices.
Successful exploitation of this vulnerability may allow a remote unauthenticated attacker to create an account to an affected system with a privilege level 15 access and use the account to gain control of an affected system.
Cisco strongly recommends that users restrict access to those services to the trusted network or disable the HTTP Server features on all internet-facing systems.