.jpeg)
Thousands Of Cisco Equipment Are Affected When A Serious Defect Is Used By Hackers
Tens of thousands of devices have been compromised by cybercriminals using an unpatched zero-day vulnerability in Cisco’s networking software.
Nearly 42,000 vulnerable Cisco devices were discovered by Censys, a search engine for Internet-connected assets, which also noted a “sharp increase” in infections.
The networking behemoth Cisco acknowledged that one of their software products has a Web User Interface (Web UI) capability that, when exposed to the Internet or untrusted networks, was actively exploited.
The firm said in a vulnerability update that “this affects both physical and virtual devices running Cisco IOS XE software that also have the HTTP or HTTPS Server feature enabled.”
The business cautioned that if this vulnerability is successfully exploited, an attacker would be able to establish an account on the vulnerable device with “privilege level 15” access, thereby giving them complete control of the compromised device and opening the door for any future unauthorised action.
