On Monday, 16 October, Cisco reported a critical zero-day vulnerability in the web UI feature of its IOS XE software actively being exploited by threat actors to install Remote Access Tools (RATs) and backdoor vulnerable devices exposed on the internet. The vulnerability, identified as CVE-2023-20198, enables an attacker without authentication to create a highly privileged account on the affected network device in order to gain full control and execute arbitrary commands. The Cisco IOS XE software is utilised on several of Cisco’s widely used enterprise networking devices – switches, routers, etc.
i would like to implement the detection of RAT in a given instance and whether an instance is vulnerable or not let me know
On Monday, 16 October, Cisco reported a critical zero-day vulnerability in the web UI feature of its IOS XE software actively being exploited by threat actors to install Remote Access Tools (RATs) and backdoor vulnerable devices exposed on the internet. The vulnerability, identified as CVE-2023-20198, enables an attacker without authentication to create a highly privileged account on the affected network device in order to gain full control and execute arbitrary commands. The Cisco IOS XE software is utilised on several of Cisco’s widely used enterprise networking devices – switches, routers, etc.
i would like to implement the detection of RAT in a given instance and whether an instance is vulnerable or not let me know