{"id":54163,"date":"2023-10-17T15:27:04","date_gmt":"2023-10-17T15:27:04","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/35131\/0-Day-In-Cisco-IOS-XE-Software-Is-Under-Attack.html"},"modified":"2023-10-17T15:27:04","modified_gmt":"2023-10-17T15:27:04","slug":"0-day-in-cisco-ios-xe-software-is-under-attack","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/0-day-in-cisco-ios-xe-software-is-under-attack\/","title":{"rendered":"0-Day In Cisco IOS XE Software Is Under Attack"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/10\/cisco-systems.png\" class=\"ff-og-image-inserted\"><\/div>\n<p>Unidentified hackers are exploiting a previously unknown vulnerability which allows them to take full control of internet-exposed Cisco devices running the company\u2019s IOS XE software.<\/p>\n<p>Cisco revealed the zero-day bug, impacting the software\u2019s Web User Interface (Web UI) feature, in <a href=\"https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-iosxe-webui-privesc-j22SaA4z\" target=\"_blank\" rel=\"noreferrer noopener\">an Oct. 16 Security Advisory<\/a> and provided additional background and guidance in <a href=\"https:\/\/blog.talosintelligence.com\/active-exploitation-of-cisco-ios-xe-software\/\" target=\"_blank\" rel=\"noreferrer noopener\">a Cisco Talos blog post<\/a>.<\/p>\n<p>The critical vulnerability, tracked as <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-20198\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2023-20198<\/a>, has the highest possible CVSS v3 severity rating of 10. It affects both physical and virtual devices running IOS XE when they are exposed to the internet and have the HTTP or HTTPS Server feature enabled.&nbsp;<\/p>\n<p>\u201cSuccessful exploitation of this vulnerability allows an attacker to create an account on the affected device with privilege level 15 access [<a href=\"https:\/\/learningnetwork.cisco.com\/s\/blogs\/a0D3i000002eeWTEAY\/cisco-ios-privilege-levels\" target=\"_blank\" rel=\"noreferrer noopener\">the highest possible level<\/a>], effectively granting them full control of the compromised device and allowing possible subsequent unauthorized activity,\u201d the Cisco Talos post said.<\/p>\n<p>The company said it \u201cstrongly recommends\u201d customers disable the HTTP Server feature on all internet-facing systems and check for malicious activity in the form of unexplained or newly created users on its devices. A patch for the bug is not yet available.<\/p>\n<p>The Cybersecurity and Infrastructure Security Agency (CISA) <a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2023\/10\/16\/cisco-releases-security-advisory-ios-xe-software-web-ui\" target=\"_blank\" rel=\"noreferrer noopener\">issued its own alert<\/a> regarding the vulnerability and <a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2023\/10\/16\/cisa-adds-one-known-exploited-vulnerability-catalog\" target=\"_blank\" rel=\"noreferrer noopener\">added it to the Known Exploited Vulnerabilities (KEV) Catalog<\/a>, giving U.S. Federal Civilian Executive Branch government agencies until Oct. 20 to apply mitigations.<\/p>\n<h2>Exploit activity first seen a month ago<\/h2>\n<p>Cisco Talos said potentially malicious activity related to the vulnerability first emerged on Sept. 28 when a case was opened with Cisco\u2019s Technical Assistance Center (TAC) that identified unusual behavior on a customer device.<\/p>\n<p>\u201cUpon further investigation, we observed what we have determined to be related activity as early as September 18,\u201d Cisco Talos said in its post.<\/p>\n<p>\u201cThe activity included an authorized user creating a local user account under the username \u2018cisco_tac_admin\u2019 from a suspicious IP address.\u201d<\/p>\n<p>On Oct. 12, TAC and Cisco Talos\u2019 incident response team observed a second \u201ccluster\u201d of related activity including the creation of a local user account called \u201ccisco_support\u201d by an unauthorized user from a second suspicious IP address. Subsequent activity included the deployment of an implant consisting of a configuration file (\u201ccisco_service.conf\u201d).<\/p>\n<p>The configuration file defined a new web server endpoint (URI path) used to interact with the implant, allowing the threat actor to execute arbitrary commands at the system or IOS level, Cisco Talos said.<\/p>\n<p>\u201cWe assess that these clusters of activity were likely carried out by the same actor. Both clusters appeared close together, with the October activity appearing to build off the September activity,\u201d Cisco Talos\u2019 researchers wrote.<\/p>\n<p>\u201cThe first cluster was possibly the actor\u2019s initial attempt and testing their code, while the October activity seems to show the actor expanding their operation to include establishing persistent access via deployment of the implant.\u201d<\/p>\n<h2>Threat actors and network infrastructure bugs<\/h2>\n<p>Viakoo Labs vice president John Gallagher said the vulnerability appeared to be tied to <a href=\"https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-getvpn-rce-g8qR68sx\" target=\"_blank\" rel=\"noreferrer noopener\">another Cisco IOS and IOS XE vulnerability<\/a>, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-20109\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2023-20109<\/a>, which CISA <a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2023\/10\/10\/cisa-adds-five-known-vulnerabilities-catalog\" target=\"_blank\" rel=\"noreferrer noopener\">added to the KEV Catalog on Oct. 10<\/a>.<\/p>\n<p>\u201cLikely there are other vulnerabilities at play here as well, as creation of malicious accounts is often part of a larger strategy,\u201d Gallagher said.<\/p>\n<p>In April, <a href=\"https:\/\/www.scmagazine.com\/analysis\/spike-in-network-infrastructure-hacks-russian-apt-exploitation-has-cisco-deeply-concerned\" target=\"_blank\" rel=\"noreferrer noopener\">Cisco said it was \u201cdeeply concerned\u201d<\/a> about a spike in attacks on network infrastructure attributed to state-sponsored espionage groups.<\/p>\n<p>Last month U.S. and Japanese security and law enforcement agencies said China-linked threat actor BlackTech infiltrated the corporate networks of multinational businesses through <a href=\"https:\/\/www.scmagazine.com\/news\/blacktech-gang-hacks-cisco-firmware-in-attacks-on-multinational-corporations\" target=\"_blank\" rel=\"noreferrer noopener\">a series of elaborate attacks<\/a> that included modifying Cisco router firmware.<\/p>\n<p>\u201cNetwork devices have always been a highly sought after target by nation state actors who wish to engage in espionage activity and this [new IOS XE] vulnerability gives that class of an attacker the perfect tool to subtly start manipulating network traffic,\u201d said Netenrich principal threat hunter John Bambenek.<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/35131\/0-Day-In-Cisco-IOS-XE-Software-Is-Under-Attack.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":54164,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[10720],"class_list":["post-54163","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackerflawciscozero-day"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>0-Day In Cisco IOS XE Software Is Under Attack 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/0-day-in-cisco-ios-xe-software-is-under-attack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"0-Day In Cisco IOS XE Software Is Under Attack 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/0-day-in-cisco-ios-xe-software-is-under-attack\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-10-17T15:27:04+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/10\/cisco-systems.png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/0-day-in-cisco-ios-xe-software-is-under-attack\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/0-day-in-cisco-ios-xe-software-is-under-attack\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"0-Day In Cisco IOS XE Software Is Under Attack\",\"datePublished\":\"2023-10-17T15:27:04+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/0-day-in-cisco-ios-xe-software-is-under-attack\\\/\"},\"wordCount\":648,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/0-day-in-cisco-ios-xe-software-is-under-attack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/0-day-in-cisco-ios-xe-software-is-under-attack.png\",\"keywords\":[\"headline,hacker,flaw,cisco,zero day\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/0-day-in-cisco-ios-xe-software-is-under-attack\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/0-day-in-cisco-ios-xe-software-is-under-attack\\\/\",\"name\":\"0-Day In Cisco IOS XE Software Is Under Attack 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/0-day-in-cisco-ios-xe-software-is-under-attack\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/0-day-in-cisco-ios-xe-software-is-under-attack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/0-day-in-cisco-ios-xe-software-is-under-attack.png\",\"datePublished\":\"2023-10-17T15:27:04+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/0-day-in-cisco-ios-xe-software-is-under-attack\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/0-day-in-cisco-ios-xe-software-is-under-attack\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/0-day-in-cisco-ios-xe-software-is-under-attack\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/0-day-in-cisco-ios-xe-software-is-under-attack.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/0-day-in-cisco-ios-xe-software-is-under-attack.png\",\"width\":809,\"height\":549},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/0-day-in-cisco-ios-xe-software-is-under-attack\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,flaw,cisco,zero day\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerflawciscozero-day\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"0-Day In Cisco IOS XE Software Is Under Attack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"0-Day In Cisco IOS XE Software Is Under Attack 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/0-day-in-cisco-ios-xe-software-is-under-attack\/","og_locale":"en_US","og_type":"article","og_title":"0-Day In Cisco IOS XE Software Is Under Attack 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/0-day-in-cisco-ios-xe-software-is-under-attack\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-10-17T15:27:04+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/10\/cisco-systems.png","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/0-day-in-cisco-ios-xe-software-is-under-attack\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/0-day-in-cisco-ios-xe-software-is-under-attack\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"0-Day In Cisco IOS XE Software Is Under Attack","datePublished":"2023-10-17T15:27:04+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/0-day-in-cisco-ios-xe-software-is-under-attack\/"},"wordCount":648,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/0-day-in-cisco-ios-xe-software-is-under-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/10\/0-day-in-cisco-ios-xe-software-is-under-attack.png","keywords":["headline,hacker,flaw,cisco,zero day"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/0-day-in-cisco-ios-xe-software-is-under-attack\/","url":"https:\/\/www.threatshub.org\/blog\/0-day-in-cisco-ios-xe-software-is-under-attack\/","name":"0-Day In Cisco IOS XE Software Is Under Attack 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/0-day-in-cisco-ios-xe-software-is-under-attack\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/0-day-in-cisco-ios-xe-software-is-under-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/10\/0-day-in-cisco-ios-xe-software-is-under-attack.png","datePublished":"2023-10-17T15:27:04+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/0-day-in-cisco-ios-xe-software-is-under-attack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/0-day-in-cisco-ios-xe-software-is-under-attack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/0-day-in-cisco-ios-xe-software-is-under-attack\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/10\/0-day-in-cisco-ios-xe-software-is-under-attack.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/10\/0-day-in-cisco-ios-xe-software-is-under-attack.png","width":809,"height":549},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/0-day-in-cisco-ios-xe-software-is-under-attack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,flaw,cisco,zero day","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerflawciscozero-day\/"},{"@type":"ListItem","position":3,"name":"0-Day In Cisco IOS XE Software Is Under Attack"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/54163","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=54163"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/54163\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/54164"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=54163"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=54163"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=54163"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}