China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom

The Canadian Centre for Cyber Security and the U.S. Federal Bureau of Investigation (FBI) have issued an advisory warning of cyber attacks mounted by the China-linked Salt Typhoon actors to breach major global telecommunications providers as part of a cyber espionage campaign.

The attackers exploited a critical Cisco IOS XE software (CVE-2023-20198, CVSS score: 10.0) to access configuration files from three network devices registered to a Canadian telecommunications company in mid-February 2025.

The threat actors are also said to have modified at least one of the files to configure a Generic Routing Encapsulation (GRE) tunnel, enabling traffic collection from the network. The name of the targeted company was not disclosed.

To read the complete article see: The Hacker News