Cisco releases security advisory following cyber threat to software

Cisco has released a security advisory following a cyber threat to its IOS EX Software, which without action could leave customers vulnerable.

At 4.50pm yesterday (17 October), Cisco released the following statement on the NHS England cyber page:

“Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks.

“This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access.

“The attacker can then use that account to gain control of the affected system. For steps to close the attack vector for this vulnerability, see the Recommendations section of this advisory Cisco will provide updates on the status of this investigation and when a software patch is available.”

Cisco has provided remediation advice and steps, with the main one being that “customers disable the HTTP Server feature on all internet-facing systems”.

Paul Barnes, head of operations and engagement, cyber security at NHS England, confirmed on LinkedIn that NHSE have released a High Severity Alert to the health and care system in England.

“There is currently no patch, just mitigating actions. The impacted equipment is widely used globally and Cisco has already seen equipment actively exploited in the wild,” he said.

Cisco were approached by Digital Health News for further comment on the matter but are yet to respond.

Cyber security continues to be a pressing issue for the NHS and wider UK healthcare sector. However, a new report from iomart and Oxford Economics has recently revealed that more than half (56%) of UK healthcare businesses are seeing an increase in cyber threats and AI could be the solution.