cisco
Safeguard articles tagged "cisco" — guides, analysis, and best practices for software supply chain and application security.
9 articles
Cisco IOS XE CVE-2023-20198 Explained: The Web UI Privilege Escalation Zero-Day
CVE-2023-20198 is an unauthenticated privilege escalation in the Cisco IOS XE Web UI, rated CVSS 10.0, that let attackers implant tens of thousands of devices in days. Here is how it worked and how to remediate.
CVE-2026-20262: Cisco Catalyst SD-WAN Manager Zero-Day File-Write Exploited in the Wild
Cisco confirmed limited in-the-wild exploitation of CVE-2026-20262, an arbitrary file-write zero-day in Catalyst SD-WAN Manager, alongside CVE-2026-20245. Here's what the chain actually buys an attacker and why edge management planes keep ending up on the KEV list.
Cisco Firepower CVE-2024-20418 Lessons: Network Security Devices as Attack Surface
CVE-2024-20418 was a critical command injection in Cisco Firepower Management Center. The technical details, the exploitation reality, and what it teaches about NSM security.
BlackTech Firmware Supply Chain Operations
BlackTech's firmware implants in Cisco routers turned edge devices into long-dwell footholds. A look at the tradecraft and what defenders missed.
Cisco ASA and FTD CVE-2024-20481: Brute-Force DoS in VPN Services
CVE-2024-20481 in Cisco ASA and Firepower Threat Defense VPN services was actively exploited in large-scale brute-force campaigns, causing denial of service on critical VPN infrastructure.
Cisco ASA Firepower Zero-Day Trends, 2024 Edition
Six zero-days against ASA and FTD in 2024, two tied to ArcaneDoor. We chart the trend, the CVSS distribution, and the patch-to-exploit gap.
Akira Ransomware: Exploiting VPN Vulnerabilities for Supply Chain Entry
Akira ransomware systematically exploited Cisco VPN vulnerabilities as its primary entry vector, targeting organizations through the network infrastructure they trusted most.
Cisco IOS XE CVE-2023-20198: Tens of Thousands of Devices Implanted
A critical zero-day in Cisco IOS XE's web UI allowed unauthenticated attackers to create admin accounts and deploy implants on over 40,000 devices worldwide.
Cisco IOS XE CVE-2023-20198: The Zero-Day That Compromised Tens of Thousands of Network Devices
CVE-2023-20198 in Cisco IOS XE allowed unauthenticated attackers to create admin accounts on network devices. Over 40,000 devices were compromised before Cisco shipped a fix.