Bad Actors Spotted a Vulnerability In Cisco’s VPN Product

The digital communications company Cisco says that hackers are trying to exploit a vulnerability in one of its Virtual Private Network products. According to The Record, cybersecurity experts were especially concerned about the vulnerability, tagged as CVE-2023-20109, which affects the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software.

“A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a denial of service (DoS) condition,” says Cisco, and added that there are no workarounds other than the patches provided. The U.S. Cybersecurity and Infrastructure Security Agency released a warning urging companies to install the patches.

Several cybersecurity experts say the vulnerability is serious, but hackers would need to be well-ensconced in any system to exploit it. According to Tim Silverline, of network automation company Gluware, the danger isn’t great because if hackers have full access, then the organization is already compromised and the vulnerability is just one way the attackers could move laterally.

Viakoo’s John Gallagher agrees the flaw is hard to exploit, but says that if it is exploited, hackers would gain full control of a router. Cybersecurity officials in the U.S. and Japan have recently warned that Chinese government hackers were targeting routers made by Cisco and others in espionage attacks. According to Gallagher, “Without question this vulnerability is serious and both actions to physically secure the target environment and remediate the vulnerability should be taken.”