Cisco has identified a zero-day vulnerability in the Web User Interface (Web UI) feature of Cisco IOS XE software, which is used in a wide range of networking devices. This affects physical and virtual devices running Cisco IOS XE software. This vulnerability allows a remote, unauthenticated attacker to create an account, then use it to take control of the system and compromise the network. There is no current patch for this vulnerability. Cisco recommends disabling the HTTP Server feature on all affected internet-facing systems.
In these circumstances, the only mitigation available is monitoring those devices for user creations and privilege escalations – which is a core function of SECNAP’s security platform and SOC service. With SECNAP Network Security, you get an unparalleled blend of protection, detection, and response capabilities, all bundled into one powerful package called CloudJacket.