Cisco: Web UI of IOS XE with 10.0 vulnerability
The BSI warns of an actively exploited vulnerability in the Cisco Web UI of IOS XE. The CVE-2023-20198 vulnerability has the highest CVSS score of 10.0 and is therefore critical. Many switches, routers and WLAN controllers are at risk. On October 16, Cisco released an advisory regarding an unpatched and actively exploited vulnerability in the Web UI of IOS XE. The vulnerability with the identifier CVE-2023-20198 allows remote, unauthenticated attackers to create new accounts (with level 15 access rights) on the affected system. Attackers are therefore able to take control of affected…