Cisco announced patches for multiple vulnerabilities affecting its products. One of them is a medium-severity flaw in IOS and IOS XE software that appears to have been exploited in attacks. Tracked as CVE-2023-20109, the vulnerability affects the Group Encrypted Transport VPN feature of IOS and IOS XE and can lead to remote code execution. Successful exploitation requires that the attacker have credentials and administrative control over a group member or server.
All Cisco products running a vulnerable IOS or IOS XE release with the GDOI or G-IKEv2 protocol enabled are impacted by this vulnerability. Cisco recommends that all customers update to a patched IOS or IOS XE release. The vulnerability was discovered during an internal investigation, and the company has observed exploitation attempts targeting it.
Read More: Cisco Warns of IOS Software Zero-Day Exploitation Attempts