Notably, the flaw has allegedly been exploited for at least a month, though the identities of the attackers and their specific targets remain unknown. What is known is that the attackers utilized the flaw to drop a piece of malware that runs when the web server restarts. Although the malware cannot persist through a device reboot, the local user account remains active, giving attackers the opportunity to repeat the process as needed. As reported by Ars Technica, this vulnerability is “relatively easy to exploit,” enabling attackers to execute various malicious operations.
Cisco Networks Vulnerable: Critical Flaw Exploited, Urgent Patch Required
Security Alert: Cisco Urges Immediate Action
