LetsDefend Monitoring Alert

Cisco IOS XE Web UI ZeroDay (CVE-2023-20198)

Oct, 20, 2023, 12:35 PM

Event ID: 193

Event Time: Oct, 20, 2023, 12:35 PM

Rule Name: SOC231 - Cisco IOS XE Web UI ZeroDay (CVE-2023-20198)

Alert Type: Web Attack

MITRE Technique:
T1190 - Initial Access - Exploit Public-Facing Application,
T1136 - Persistence - Create Account,
T1070 - Defense Evasion - Indicator Removal

Real World Example: On October 16, 2023, Cisco's Talos group reported an active threat campaign exploiting CVE-2023-20198, a critical vulnerability in Cisco IOS XE Software, affecting over 60,000 systems.

Severity: Critical

Incident Responder
