October 19, 2023, 09:44 AM EDT

One of the most serious network device attacks in recent memory continues to widen, according to Censys researchers.

Compromises of Cisco IOS XE devices jumped by 8,000 on Wednesday, bringing the total number of affected systems to nearly 42,000, according to the latest data from cybersecurity firm Censys.

There’s no patch available for the critical vulnerability that’s being exploited in the attacks, although Cisco has provided mitigations that it’s said are effective at thwarting the compromises. IOS XE is a widely used Cisco networking software platform, with estimates suggesting that more than 140,000 devices in total are potentially vulnerable.

[Related: Why Cisco IOS XE Attacks Are Setting Off Alarm Bells]

Censys researchers had previously found 34,140 Cisco devices compromised, but on Wednesday said they had “found a sharp increase in infections” with the tally climbing to 41,983.

In response to a CRN inquiry Wednesday, Cisco said it did not have any new information to share.

Cisco said in an advisory Monday that the zero-day privilege escalation vulnerability—which is tracked as CVE-2023-20198—warrants the maximum severity rating, 10.0 out of 10.0.

Exploitation of the critical vulnerability can allow a malicious actor to acquire “full control of the compromised device and [allow] possible subsequent unauthorized activity,” Cisco’s Talos threat intelligence team said in a blog post Monday.

The attacks are one of the most serious network device hacks in recent memory, experts have said.

“The last few weeks have seen their fair share of potential sky-crumbling advisories,” Censys researchers said in a post. Those have included a vulnerability in Exim mail servers, “which amounted to much of nothing,” and an HTTP/2 attack that turned out to have a very narrow impact.

“But this time, Apollo, I think we have a problem,” the Censys researchers wrote, referring to the Cisco IOS…