{"id":1912,"date":"2023-10-20T20:09:00","date_gmt":"2023-10-20T20:09:00","guid":{"rendered":"https:\/\/www.darkreading.com\/application-security\/cisco-zero-day-bug-patches-in-days"},"modified":"2023-10-20T20:09:00","modified_gmt":"2023-10-20T20:09:00","slug":"cisco-finds-new-zero-day-bug-pledges-patches-in-days","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2023\/10\/20\/cisco-finds-new-zero-day-bug-pledges-patches-in-days\/","title":{"rendered":"Cisco Finds New Zero Day Bug, Pledges Patches in Days"},"content":{"rendered":"<p><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/10\/cisco-finds-new-zero-day-bug-pledges-patches-in-days.jpg?w=640&#038;ssl=1\"><\/p>\n<div><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/10\/cisco-finds-new-zero-day-bug-pledges-patches-in-days-1.jpg?w=640&#038;ssl=1\" class=\"ff-og-image-inserted\"><\/div>\n<p>Cisco said a patch for two actively exploited zero-day flaws in its IOS XE devices is scheduled to drop on Oct. 22.<\/p>\n<p>The <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/ten-thousand-cisco-ios-xe-systems-compromised-zero-day-bug\" target=\"_blank\" rel=\"noopener\">first Cisco zero-day bug<\/a>, tracked under CVE-2023-20198, was announced on Oct. 16 and has a severity rating of 10 out of 10. At the time it was discovered, it had already allowed threat actors to compromise more than 10,000 Cisco devices.<\/p>\n<p>On Oct. 19, Cisco said it believed the <a href=\"https:\/\/blog.talosintelligence.com\/active-exploitation-of-cisco-ios-xe-software\/\" target=\"_blank\" rel=\"noopener\">cyberattacks against its IOS XE devices<\/a> were all being carried out by the same threat actor.<\/p>\n<p>Now, in an Oct. 
20 update to its <a href=\"https:\/\/blog.talosintelligence.com\/active-exploitation-of-cisco-ios-xe-software\/\" target=\"_blank\" rel=\"noopener\">threat advisory<\/a>, Cisco reported there&#8217;s another previously unknown flaw involved, tracked under CVE-2023-20273 \u2014 it carries a slightly less scary CVSS score of 7.2.<\/p>\n<p>Both are being used in the same exploit chain.&nbsp;Threat actors used the first bug for initial access, and the second to escalate privileges once authenticated, according to an emailed statement from Cisco announcing the coming patch release.<\/p>\n<p>Cisco also added another clarification to its earlier reporting on the first bug: it was thought in the early response that the threat actor had combined the new zero-day with a known and patched vulnerability from 2021, raising the specter of a patch bypass issue. But Cisco has now dismissed that theory, according to a statement from the company.<\/p>\n<p>&#8220;The CVE-2021-1435 that had previously been mentioned is no longer assessed to be associated with this activity,&#8221; it said.<\/p>\n<h2 class=\"regular-text\">Exploitation Could Continue for Years<\/h2>\n<p>As Cisco continues to wrap its arms around the breadth of the threat, cybersecurity expert and consultant Immanuel Chavoya expects to see a spike in malicious activity against vulnerable devices in the lead-up to the release of the updated version.<\/p>\n<p>&#8220;<span>Active exploitation will continue and lead to ransomware probably over this weekend, as threat actors rush to capitalize before any patch or remediation,&#8221; he predicts.<\/span><\/p>\n<p>But beyond the short term, Chavoya is dubious many Cisco customers will take the necessary steps to remediate.<\/p>\n<p>&#8220;I can tell you from experience <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/critical-citrix-bug-exploited-zero-day-patching-not-enough\" target=\"_blank\" rel=\"noopener\">many customers do not or will never patch<\/a> 
\u2014 and are absolutely unaware of the exploitation&nbsp;status currently (SMBs, etc.) \u2014 and so thus, exploitation will continue for months or years.&#8221;<\/p>\n<p><a href=\"https:\/\/www.darkreading.com\/application-security\/cisco-zero-day-bug-patches-in-days\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cisco said a patch for two actively exploited zero-day flaws<\/p>\n","protected":false},"author":12,"featured_media":1913,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[809],"class_list":["post-1912","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-dark-reading"],"featured_image_urls":{"full":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/10\/cisco-finds-new-zero-day-bug-pledges-patches-in-days.jpg?fit=641%2C796&ssl=1",641,796,false],"thumbnail":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/10\/cisco-finds-new-zero-day-bug-pledges-patches-in-days.jpg?resize=150%2C150&ssl=1",150,150,true],"medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/10\/cisco-finds-new-zero-day-bug-pledges-patches-in-days.jpg?fit=242%2C300&ssl=1",242,300,true],"medium_large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/10\/cisco-finds-new-zero-day-bug-pledges-patches-in-days.jpg?fit=640%2C795&ssl=1",640,795,true],"large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/10\/cisco-finds-new-zero-day-bug-pledges-patches-in-days.jpg?fit=640%2C795&ssl=1",640,795,true],"1536x1536":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/10\/cisco-finds-new-zero-day-bug-pledges-patches-in-days.jpg?fit=641%2C796&ssl=1",641,796,true],"2048x2048":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/10\/cisco-finds-new-zero-day-bug-pledges-p
atches-in-days.jpg?fit=641%2C796&ssl=1",641,796,true],"chromenews-featured":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/10\/cisco-finds-new-zero-day-bug-pledges-patches-in-days.jpg?fit=641%2C796&ssl=1",641,796,true],"chromenews-large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/10\/cisco-finds-new-zero-day-bug-pledges-patches-in-days.jpg?resize=641%2C575&ssl=1",641,575,true],"chromenews-medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/10\/cisco-finds-new-zero-day-bug-pledges-patches-in-days.jpg?resize=590%2C410&ssl=1",590,410,true]},"author_info":{"display_name":"Dark Reading","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/darkreading\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","jetpack_featured_media_url":"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/10\/cisco-finds-new-zero-day-bug-pledges-patches-in-days.jpg?fit=641%2C796&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/1912","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=1912"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/1912\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media\/1913"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=1912"}],"wp:term":[{"taxonomy":"catego
ry","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=1912"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=1912"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}