Cisco has warned of a critical, unpatched security flaw impacting IOS XE software thats under active exploitation in the wild. Rooted in the web UI feature, the zero-day vulnerability is assigned asCVE-2023-20198and has been assigned the maximum severity rating of 10.0 on the CVSS scoring system. Its worth pointing out that the shortcoming only affects enterprise networking gear that have