A patch for the max severity zero-day bug tracked as CVE-2023-20198 is coming soon, but the bug has already led to the compromise of tens of thousands of Cisco devices. And now, there's a new unpatched threat.
  • nbailey@lemmy.caEnglish
    4·
    9 months ago

    Or, hear me out, maybe we don’t expose network management interfaces to untrusted networks? Sure, shit can still get breached by very deep intrusions, but at least you don’t show up on shodan!?

    • _dev_null@lemmy.zxcvn.xyzEnglish
      2·
      9 months ago

      Indeed, from a tenable article:

      Cisco does recommend disabling the HTTP Server feature on any Cisco IOS XE systems that are internet-facing. The advisory provides steps on how to disable the feature as well as steps on how to determine if the HTTP Server feature is enabled. Additionally, the Cisco security advisory outlines an additional command to run after disabling the HTTP Server feature, to ensure that the feature is not re-enabled after a system reload.

      So yeah, maybe not widen your attack surface to the whole fucking internet in the first place.