image credit: Prayitno / Flickr

High-Severity Cisco Flaw in IOS XE Enables Device Takeover

June 14, 2019


Cisco has patched a high-severity vulnerability in its software for routers and switches, which could enable a remote attacker to reconfigure or execute commands on impacted devices.

IOS XE, a Linux-based version of Cisco’s Internetworking Operating System (IOS), is software for Cisco routers and switches. Products supported by IOS XE include enterprise switches (including Cisco’s Catalyst series), branch routers and edge routers including ASR 1013.

The high-severity vulnerability enables cross-site request forgery, an attack that forces an end user, once they click on a malicious link, to execute unwanted actions on a web application in which they’re currently authenticated.

Read More on Threat Post