Safeguard
Tag

cisco

Safeguard articles tagged "cisco" — guides, analysis, and best practices for software supply chain and application security.

9 articles

Vulnerability Analysis

Cisco IOS XE CVE-2023-20198 Explained: The Web UI Privilege Escalation Zero-Day

CVE-2023-20198 is an unauthenticated privilege escalation in the Cisco IOS XE Web UI, rated CVSS 10.0, that let attackers implant tens of thousands of devices in days. Here is how it worked and how to remediate.

Jul 3, 20266 min read
Vulnerabilities

CVE-2026-20262: Cisco Catalyst SD-WAN Manager Zero-Day File-Write Exploited in the Wild

Cisco confirmed limited in-the-wild exploitation of CVE-2026-20262, an arbitrary file-write zero-day in Catalyst SD-WAN Manager, alongside CVE-2026-20245. Here's what the chain actually buys an attacker and why edge management planes keep ending up on the KEV list.

Jun 14, 20267 min read
Vulnerability Analysis

Cisco Firepower CVE-2024-20418 Lessons: Network Security Devices as Attack Surface

CVE-2024-20418 was a critical command injection in Cisco Firepower Management Center. The technical details, the exploitation reality, and what it teaches about NSM security.

Apr 8, 20265 min read
Industry Analysis

BlackTech Firmware Supply Chain Operations

BlackTech's firmware implants in Cisco routers turned edge devices into long-dwell footholds. A look at the tradecraft and what defenders missed.

Dec 15, 20246 min read
Vulnerability Analysis

Cisco ASA and FTD CVE-2024-20481: Brute-Force DoS in VPN Services

CVE-2024-20481 in Cisco ASA and Firepower Threat Defense VPN services was actively exploited in large-scale brute-force campaigns, causing denial of service on critical VPN infrastructure.

Oct 24, 20246 min read
Vulnerability Management

Cisco ASA Firepower Zero-Day Trends, 2024 Edition

Six zero-days against ASA and FTD in 2024, two tied to ArcaneDoor. We chart the trend, the CVSS distribution, and the patch-to-exploit gap.

Sep 5, 20245 min read
Ransomware

Akira Ransomware: Exploiting VPN Vulnerabilities for Supply Chain Entry

Akira ransomware systematically exploited Cisco VPN vulnerabilities as its primary entry vector, targeting organizations through the network infrastructure they trusted most.

Jan 12, 20247 min read
Vulnerability Analysis

Cisco IOS XE CVE-2023-20198: Tens of Thousands of Devices Implanted

A critical zero-day in Cisco IOS XE's web UI allowed unauthenticated attackers to create admin accounts and deploy implants on over 40,000 devices worldwide.

Oct 16, 20235 min read
Zero-Day Exploits

Cisco IOS XE CVE-2023-20198: The Zero-Day That Compromised Tens of Thousands of Network Devices

CVE-2023-20198 in Cisco IOS XE allowed unauthenticated attackers to create admin accounts on network devices. Over 40,000 devices were compromised before Cisco shipped a fix.

Oct 16, 20236 min read
cisco — Safeguard Blog