New Malware Campaign, PolarEdge, Targets Cisco, ASUS, QNAP, and Synology Devices

A new malware campaign, named PolarEdge, has been targeting peripheral devices from Cisco, ASUS, QNAP, and Synology since at least the end of 2023. According to the French cybersecurity company Sekoia, unknown malicious actors are exploiting the critical vulnerability CVE-2023-20118 (CVSS score: 6.5) affecting the Cisco Small Business RV016 and RV042 models to deploy a backdoor. This vulnerability allows attackers to take control of the devices and integrate them into the PolarEdge botnet.