The backdoor implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software has been modified by the threat actor so that it escapes detection by previous fingerprinting methods.
The attacks combine CVE-2023-20198 (CVSS score: 10.0) and CVE-2023-20273 (CVSS score: 7.2) into an exploit chain that lets the threat actor gain access to the devices, create a privileged account, and ultimately deploy a Lua-based implant on them.
https://thehackernews.com/2023/10/backdoor-implant-on-hacked-cisco.html
https://t.me/cKure/13078