{"uuid": "509b32d8-9fd3-4da2-ba66-3e07d0949d32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/KomunitiSiber/966", "content": "Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices\nhttps://thehackernews.com/2023/10/cisco-zero-day-exploited-to-implant.html\n\nCisco has warned of a new zero-day flaw in IOS XE that has been actively exploited by an unknown threat actor to deploy a\u00a0malicious Lua-based implant\u00a0on susceptible devices.\nTracked as\u00a0CVE-2023-20273\u00a0(CVSS score: 7.2), the issue relates to a privilege escalation flaw in the web UI feature and is said to have been used alongside CVE-2023-20198 as part of an exploit chain.\n\"The attacker first", "creation_timestamp": "2023-10-21T06:34:57.000000Z"}