
How does Holm Security support detection for Cisco's IOS XE software Privilege Escalation Vulnerability (CVE-2023-20198)?

Cyber security experts have issued a warning about a critical zero-day vulnerability in Cisco's IOS XE software. This flaw, known as CVE-2023-20198, poses a significant threat to enterprise networking gear, allowing remote attackers to gain full control over affected systems. Recent reports indicate that this vulnerability has been actively exploited in the wild, impacting thousands of Cisco devices globally.

More information

Read more about this vulnerability in our blog:
https://www.holmsecurity.com/blog/cisco-zero-day-vulnerability

Update 2023-10-23: new test added

HID-2-1-5344961:
  • Local detection (authentication required)
  • The test verifies whether a vulnerable Cisco version is present. Authentication is required to fetch information about the installed Cisco version.

Update 2023-10-18: two tests added

The security research and development team has released two HIDs that cover detection of this vulnerability.

HID-2-1-5344994:
  • Remote detection (no authentication required)
  • This test will be run automatically in all scan profiles utilizing full vulnerability coverage.
HID-2-1-5344981:
  • Local detection (authentication required)
  • To utilize this test, it is necessary to configure your network scan profile and enable authenticated scanning on your network assets.