Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)

Threat actors have leveraged a recently patched IOS/IOS XE vulnerability (CVE-2025-20352) to deploy Linux rootkits on vulnerable Cisco network devices. “The operation targeted victims running older Linux systems that do not have endpoint detection response solutions,” Trend Micro researchers shared. Once a rootkit was implanted, it would set a universal password (containing the word “disco”) and install several hooks onto the IOSd (process) memory space, to make fileless components disappear after a reboot. About CVE-2025-20352 … More → The post Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352) appeared first on Help Net Security.
http://news.poseidon-us.com/TNkgb1

Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)

Like this:

Related

More Posts

September 2025 CVE Landscape

More resources are popping up for federal employees during the shutdown

The IRS is losing lawyers, giving companies leverage in court

The IRS is losing lawyers, giving companies leverage in court

Email Bombs Exploit Lax Authentication in Zendesk

Share this:

Like this:

Related

More Posts

September 2025 CVE Landscape

More resources are popping up for federal employees during the shutdown

The IRS is losing lawyers, giving companies leverage in court

The IRS is losing lawyers, giving companies leverage in court

Email Bombs Exploit Lax Authentication in Zendesk