Rewterz Threat Advisory – CVE-2023-20198 – Zero-Day Cisco IOS XE Vulnerability Exploit in the Wild

Rewterz Threat Advisory – Multiple Microsoft Dynamics 365 Vulnerabilities

October 16, 2023

Rewterz Threat Advisory – CVE-2023-36559 – Microsoft Edge (Chromium-based) Vulnerability

October 17, 2023

Rewterz Threat Advisory – CVE-2023-20198 – Zero-Day Cisco IOS XE Vulnerability Exploit in the Wild

Severity

High

Analysis Summary

CVE-2023-20198

Cisco IOS XE could allow a remote attacker to gain elevated privileges on the system, caused by active exploitation of a previously unknown vulnerability in the web UI feature. An attacker could exploit this vulnerability to create an account on an affected system with privilege level 15 access and then use that account to gain control of the affected system.

Impact

Privilege Escalation

Indicators Of Compromise

CVE

CVE-2023-20198

Affected Vendors

Cisco

Affected Products

Cisco IOS XE Software

Remediation

Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.

Cisco Security Advisory

Rewterz Threat Advisory – Multiple Microsoft Dynamics 365 Vulnerabilities

Rewterz Threat Advisory – CVE-2023-36559 – Microsoft Edge (Chromium-based) Vulnerability

Rewterz Threat Advisory – CVE-2023-20198 – Zero-Day Cisco IOS XE Vulnerability Exploit in the Wild

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan