<p>Tens of thousands of devices have been compromised by cybercriminals using an unpatched zero-day vulnerability in Cisco’s networking software.<img decoding=”async” class=”alignnone wp-image-246454″ src=”https://www.theindiaprint.com/wp-content/uploads/2023/10/theindiaprint.com-thousands-of-cisco-equipment-are-affected-when-a-serious-defect-is-used-by-hackers-750×500.jpg” alt=”theindiaprint.com thousands of cisco equipment are affected when a serious defect is used by hackers” width=”1397″ height=”931″ srcset=”https://www.theindiaprint.com/wp-content/uploads/2023/10/theindiaprint.com-thousands-of-cisco-equipment-are-affected-when-a-serious-defect-is-used-by-hackers-750×500.jpg 750w, https://www.theindiaprint.com/wp-content/uploads/2023/10/theindiaprint.com-thousands-of-cisco-equipment-are-affected-when-a-serious-defect-is-used-by-hackers-1024×683.jpg 1024w, https://www.theindiaprint.com/wp-content/uploads/2023/10/theindiaprint.com-thousands-of-cisco-equipment-are-affected-when-a-serious-defect-is-used-by-hackers-768×512.jpg 768w, https://www.theindiaprint.com/wp-content/uploads/2023/10/theindiaprint.com-thousands-of-cisco-equipment-are-affected-when-a-serious-defect-is-used-by-hackers-150×100.jpg 150w, https://www.theindiaprint.com/wp-content/uploads/2023/10/theindiaprint.com-thousands-of-cisco-equipment-are-affected-when-a-serious-defect-is-used-by-hackers.jpg 1200w” sizes=”(max-width: 1397px) 100vw, 1397px” title=”thousands of Cisco equipment are affected when a serious defect is used by hackers 3″></p>
<p>Nearly 42,000 vulnerable Cisco devices were discovered by Censys, a search engine for Internet-connected assets, which also noted a “sharp increase” in infections.</p>
<p>The networking behemoth Cisco acknowledged that one of their software products has a Web User Interface (Web UI) capability that, when exposed to the Internet or untrusted networks, was actively exploited.</p>
<p>The firm said in a vulnerability update that “this affects both physical and virtual devices running Cisco IOS XE software that also have the HTTP or HTTPS Server feature enabled.”</p>
<p>The business cautioned that if this vulnerability is successfully exploited, an attacker would be able to establish an account on the vulnerable device with “privilege level 15” access, thereby giving them complete control of the compromised device and opening the door for any future unauthorised action.</p>
<p>Enterprise switches, wireless controllers, access points, and industrial routers are among the hardware running Cisco IOS XE.</p>
<p>Cisco has advised businesses to turn off the HTTP server capability on computers that are connected to the internet.</p>
<p>According to Censys’ data, the US, the Philippines, and Mexico are where the bulk of infected devices are found.</p>
<p>Smaller organizations and people who are more vulnerable are the main targets of this issue, according to security specialists.</p>
<p>According to Cisco, the new vulnerability was rated 10/critical under the Common Vulnerability Scoring System (CVSS).</p>
<p>“Successful exploitation would grant an attacker full administrator privileges, allowing them to effectively take full control of the affected router and allowing for possible subsequent unauthorized activity,” the firm added.</p>
<p>A sign of possibly malicious behavior related to this vulnerability is unexplained or newly formed users on devices, which organizations should watch for.</p>
<p> </p>
