- September 02, 2025: Cybersecurity Advisory (CSA) released by CISA outlines People's Republic of China (PRC) state-sponsored cyber threat actors are targeting networks globally.https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-239a?utm_source=SaltTyphoon&utm_medium=GovDelivery
- June 24, 2025: The Canadian Centre for Cyber Security and the U.S. Federal Bureau of Investigation (FBI) have issued an advisory warning of cyber attacks mounted by the China-linked Salt Typhoon actors to breach major global telecommunications providers as part of a cyber espionage campaign.https://www.cyber.gc.ca/en/guidance/cyber-threat-bulletin-prc-cyber-actors-target-telecommunications-companies-global-cyberespionage-campaign
- October 20, 2023: Cisco identified an additional vulnerability (CVE-2023-20273) that is exploited to deploy the implant. Fixes for both CVE-2023-20198 and CVE-2023-20273 are estimated to be available on October 22 according to the vendor advisory. Please see the following link for software fix availability:https://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-xe-dublin-17121/221128-software-fix-availability-for-cisco-ios.html
- October 19, 2023: CISA added CVE-2023-20198 to its known exploited list (KEV) Catalog.https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- October 16, 2023: Cisco released an advisory for CVE-2023-20198https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z
- October 16, 2023: Cisco Talos released a detailed blog about the CVE-2023-20198 vulnerability and its active exploitation.https://blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software/
- October 16, 2023: FortiGuard Labs released a Threat Signal for the vulnerability (CVE-2023-20198)https://www.fortiguard.com/threat-signal-report/5293
Countermeasures across the security fabric for protecting assets, data and network from cybersecurity events:
Detects attack attempts related to Cisco IOS XE Web Attack and prevents lateral movement on the network segment
Detects attack attempts related to Cisco IOS XE Web Attack and prevents lateral movement on the network segment
Detects known malware related to the Outbreak
Find and correlate important information to identify an outbreak, the following updates are available to raise alert and generate reports:
Develop containment techniques to mitigate impacts of security events:
Services that can automaticlly respond to this outbreak.
Experts to assist you with analysis, containment and response activities.
Improve security posture and processes by implementing security awareness and training, in preparation for (and recovery from) security incidents:
Train your network and security professionals and optimize your incident response to stay on top of the cyberattacks.
Raise security awareness to your employees that are continuously being targeted by phishing, drive-by download and other forms of cyberattacks.
Identify processes and assets that need protection:
Check Security Fabric devices to build actionable configuration recommendations and key indicators.
Know attackers next move to protect against your business branding.
Learn more about FortiGuard Outbreak Alerts
