Cisco: Web UI of IOS XE with 10.0 vulnerability

B2B Cyber ​​Security ShortNews

Share post

The BSI warns of an actively exploited vulnerability in the Cisco Web UI of IOS XE. The CVE-2023-20198 vulnerability has the highest CVSS score of 10.0 and is therefore critical. Many switches, routers and WLAN controllers are at risk.

On October 16, Cisco released an advisory regarding an unpatched and actively exploited vulnerability in the Web UI of IOS XE. The vulnerability with the identifier CVE-2023-20198 allows remote, unauthenticated attackers to create new accounts (with level 15 access rights) on the affected system. Attackers are therefore able to gain control over affected IOS XE systems and compromise the devices on which the software is used (switches, routers, WLAN controllers). The vulnerability has received the highest CVSS rating of 10.0 (“critical”).

Currently no patch available

Affected are physical and virtual devices with IOS XE whose web interface (Web UI) is activated. There is a particular risk if they can be accessed from the Internet. The web interface is a GUI-based system management tool to simplify deployment,
Commissioning and management of Cisco IOS XE systems. It is delivered by default and does not need to be explicitly activated or installed. The interface represents a user-friendly alternative to administration without having to use command line interfaces. However, Cisco recommends that the interface should not be accessible from the Internet or untrusted networks.

Security admins have to react

A patch for the vulnerability is not yet available, but Cisco points to necessary mitigation measures. Cisco has also observed active exploitation of the vulnerability. A post from Cisco Talos reports that the first attacks on the vulnerability took place on September 18th.

IT security managers should check as soon as possible for their Cisco IOS Whether the web interface is activated can be checked using various commands that the BSI lists in its security warning.

More at


About the Federal Office for Information Security (BSI)

The Federal Office for Information Security (BSI) is the federal cyber security authority and the creator of secure digitization in Germany. The guiding principle: As the federal cyber security authority, the BSI designs information security in digitization through prevention, detection and reaction for the state, economy and society.


Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more

HeadCrab 2.0 discovered

The HeadCrab campaign against Redis servers, which has been active since 2021, continues to successfully infect targets with the new version. The criminals' mini-blog ➡ Read more