Cisco has discovered a critical zero-day vulnerability, CVE-2023-20198, that is being actively exploited, granting attackers full control of networks. The vulnerability lies in the Web User Interface of Cisco IOS XE software and affects any device with the HTTP or HTTPS Server feature enabled and exposed to the internet. Cisco urges customers to immediately implement protective measures outlined in their advisory.
Read more at Ars Technica…