Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Fix information can be found in the Fixed Software section of this advisory. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local u...| sec.cloudapps.cisco.com
This page contains a web-friendly version of the Cybersecurity and Infrastructure Security Agency’s Binding Operational Directive 23-02: Mitigating the Risk| Cybersecurity and Infrastructure Security Agency CISA