{"vulnerability": "cve-2023-20178", "sightings": [{"uuid": "790fe37c-6826-4562-ab0f-0896e36b1895", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20178", "type": "seen", "source": "https://t.me/kasperskyb2b/737", "content": "\ud83e\ude79\ud83e\ude79\ud83e\ude79\u0421\u0432\u0435\u0436\u0438\u0435 \u043f\u0430\u0442\u0447\u0438 Cisco\n\n\u0412 \u0438\u044e\u043b\u0435 Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 5 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439, \u0437\u0430\u043a\u0440\u044b\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 AnyConnect/Security Client Software for Windows, Nexus 9000, WebEx, Duo Auth Proxy \u0438 BroadWorks.\n\nCVE-2023-20185 (CVSS 7.2) \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u044b \u0441\u0435\u0440\u0438\u0438 Nexus 9000, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044f  ACI Multi-Site  \u0438 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435 CloudSec. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442  \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u044b\u0432\u0430\u0442\u044c \u0442\u0440\u0430\u0444\u0438\u043a \u043c\u0435\u0436\u0434\u0443 \u0441\u0430\u0439\u0442\u0430\u043c\u0438. \u0425\u0430\u0440\u0430\u043a\u0442\u0435\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0435\u0451 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c. \u041f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c Cloudsec \u0438 \u0438\u0437\u0443\u0447\u0438\u0442\u044c \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u044b \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0442\u0440\u0430\u0444\u0438\u043a\u0430.  \u041f\u043e \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044e Cisco, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0439 \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439 \u0438 \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438. \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u0438 \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u0430\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u044f \u043f\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 ACI \u2014 \u043f\u043e \u0441\u0441\u044b\u043b\u043a\u0435. \n\nCVE-2023-20178 (CVSS 7.8) \u0432 Anyconnect \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e System, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0434\u0435\u0444\u0435\u043a\u0442 \u0432 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u0430 Cisco. \u0420\u0435\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435, \u043d\u043e \u043f\u043e \u0441\u0447\u0430\u0441\u0442\u044c\u044e \u0434\u043b\u044f Anyconnect \u043e\u043d\u043e \u043e\u0431\u044b\u0447\u043d\u043e \u043f\u0440\u043e\u0445\u043e\u0434\u0438\u0442 \u0431\u0435\u0437\u0431\u043e\u043b\u0435\u0437\u043d\u0435\u043d\u043d\u043e \u0438 \u0432 \u0446\u0435\u043b\u043e\u043c \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438.\n\n\u041f\u0430\u0440\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Webex (CVE-2023-20133 \u0438 -20180, CVSS 5.4 \u0438 4.3) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0438 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c XSS- \u0438 CSRF-\u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432\u0435\u0431-\u043a\u043b\u0438\u0435\u043d\u0442\u0430 Webex Meetings, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0430\u044f \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u044f \u0435\u0433\u043e \u0432\u0441\u0442\u0440\u0435\u0447\u0438 Webex, \u0438 \u0442.\u043f.  \u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u044d\u0442\u043e \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0438\u0441, \u0432\u0441\u0451 \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u043d\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043e.\n\nCVE-2023-20210 (CVSS 6.0) - \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043e root \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0441 Cisco Broadworks. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0443\u0436\u043d\u044b \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430. \u041f\u0430\u0442\u0447\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u0430 Broadworks.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-07-10T08:41:10.000000Z"}, {"uuid": "4234d70a-88a6-4879-aebb-08ff1f423e2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-20178", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1039", "content": "", "creation_timestamp": "2023-06-08T04:00:00.000000Z"}, {"uuid": "031f704c-cc1f-4f34-9c27-0d050e223800", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20178", "type": "seen", "source": "https://t.me/kasperskyb2b/679", "content": "\u26a1\ufe0fCisco Patch... Wednesday\n\n\u041d\u0435 \u0434\u043e\u0436\u0438\u0434\u0430\u044f\u0441\u044c \u0432\u0442\u043e\u0440\u043e\u0433\u043e \u0432\u0442\u043e\u0440\u043d\u0438\u043a\u0430 \u043c\u0435\u0441\u044f\u0446\u0430, Cisco \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0430\u0436 7 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439, \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0449\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Cisco Expressway, Telepresence Video Communication Server, UC manager IM, Adaptive security Appliance, Anyconnect \u0438 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u0430\u0445 \u0434\u043b\u044f \u043c\u0430\u043b\u043e\u0433\u043e \u0431\u0438\u0437\u043d\u0435\u0441\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c \u00ab\u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f\u00bb  (CVE-2023-20105 \u0438 -20192, CVSS 9.6) \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0432 Cisco Expressway \u0438 Telepresence VCS. \u0414\u0435\u0444\u0435\u043a\u0442 \u043b\u043e\u0433\u0438\u043a\u0438 \u0432 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u0435 \u0441\u043c\u0435\u043d\u044b \u043f\u0430\u0440\u043e\u043b\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0447\u0442\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u0430\u0432\u0430 \u043d\u0430 \u0437\u0430\u043f\u0438\u0441\u044c.\n\n\u0412\u0435\u0441\u044c\u043c\u0430 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0432 Cisco ASA \u0438 FTD (CVE-2023-20006, CVSS 8.6) \u2014 \u043e\u0448\u0438\u0431\u043a\u0430 \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 TLS \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e, \u043f\u0440\u0438\u0432\u043e\u0434\u044f \u043a DoS.\n\n\u0412 Anyconnect, \u0438\u043c\u0435\u044e\u0449\u0435\u043c \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0434\u043d\u043e\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Cisco Secure Client Software for Windows, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0434\u043e SYSTEM. (CVE-2023-20178, CVSS 7.8) \n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0432 Unified Communications Manager IM \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (CVE-2023-20108, CVSS 7.5).\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-06-08T10:30:23.000000Z"}, {"uuid": "0910fcff-04d5-42a0-82c0-6e9965a610c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20178", "type": "seen", "source": "https://t.me/ctinow/120056", "content": "https://ift.tt/vZY6Ibn\nPoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178)", "creation_timestamp": "2023-06-23T16:22:46.000000Z"}, {"uuid": "faff29cd-279d-4a0d-9ee5-1061d336036f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20178", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/119797", "content": "https://ift.tt/XNgzIRh\nResearchers released a PoC exploit for CVE-2023-20178 flaw in Cisco AnyConnect Secure", "creation_timestamp": "2023-06-22T17:52:30.000000Z"}, {"uuid": "946d475d-6d2c-4a89-bc86-b9daea3c0f30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20178", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3088", "content": "Tools \ud83d\udd27 \ud83d\udd28 \ud83d\udd27  - HackersFactory\n\n\u200b\u200bCVE-2023-25610\n\nRCE vulnerability in FortiOS\n\nhttps://github.com/qi4L/CVE-2023-25610\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-29343\n\nThis is PoC for arbitrary file write bug in Sysmon version 14.14\n\nhttps://github.com/Wh04m1001/CVE-2023-29343\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bBufferOverflowAttack\n\n\ud83d\udd10 Explores techniques to exploit and manipulate buffer overflow vulnerabilities in a program.\n\nhttps://github.com/minsooerickim/BufferOverflowAttack\n\n#infosec #pentesting #redteam\n\n\u200b\u200bScanners-Box\n\nA powerful and open-source toolkit for hackers and security automation.\n\nhttps://github.com/We5ter/Scanners-Box\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCVE-2023-20178\n\nThis is PoC for Arbitrary File Delete vulnerability in Cisco Secure Client (tested on 5.0.01242) and Cisco AnyConnect (tested on 4.10.06079).\n\nhttps://github.com/Wh04m1001/CVE-2023-20178\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bActive Directory Advanced Threat Hunting\n\nIdentify vulnerabilities before others do!\n\nhttps://github.com/tomwechsler/Active_Directory_Advanced_Threat_Hunting\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bbug-bounty-standards\n\nA list of edge cases that occur in bug bounty programs, conversations on how they should be handled. The goal is to standardise the way that specific situations are handled in bug bounties.\n\nhttps://github.com/hakluke/bug-bounty-standards\n\n#cybersecurity #infosec #bugbounty\n\n\u200b\u200bWeb3Bugs\n\nDemystifying Exploitable Bugs in Smart Contracts.\n\nhttps://github.com/ZhangZhuoSJTU/Web3Bugs\n\n#cybersecurity #infosec\n\n\u200b\u200b\ud83d\udd11 Mantra\n\nA tool used to hunt down API key leaks in JS files and pages.\n\nhttps://github.com/MrEmpy/Mantra\n\n#infosec #pentesting #redteam\n\n\u200b\u200biOS Penetration Testing Cheat Sheet\n\nThis is more of a checklist for myself. May contain useful tips and tricks.\n\nhttps://github.com/ivan-sincek/ios-penetration-testing-cheat-sheet\n\nhttps://t.me/dilagrafie\n\n#cybersecurity #infosec #pentesting", "creation_timestamp": "2023-06-20T05:09:47.000000Z"}, {"uuid": "df6dddf8-35eb-4aee-a0f8-a99b10b8a443", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20178", "type": "published-proof-of-concept", "source": "Telegram/Z42dUL5SlpUKhzaB8z2JtVDGF4e8DZjU4NsnyrTR2CVbxw", "content": "", "creation_timestamp": "2023-06-27T08:09:48.000000Z"}, {"uuid": "42d7336f-6f30-4efa-97dd-c2a4ab1ad07d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20178", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3710", "content": "\ud83d\udda5Dataleak:\n\n\ud83d\udd31DataLeak uprint_id : https://www.system32.ink/2023/06/DataLeak-uprint.id.html\n\n\ud83d\udd31Leak RaidForums  : https://www.system32.ink/2023/06/leak-raidforums-database-by-exposedvc.html\n\n\ud83d\udd31Leak Santander bank Mexico : https://www.system32.ink/2023/06/leak-santander-bank-mexico.html\n\n\ud83d\udd31Leak Tour Partner Group (tourpartnergroup.com) : https://www.system32.ink/2023/06/leak-tour-partner-group.html\n\n\ud83d\udda5Exploits:\n\n\ud83d\udd31MiniDLNA &lt;=1.3.2 (CVE-2023-33476) Exploits : https://www.system32.ink/2023/06/minidlna-132-cve-2023-33476-exploits.html\n\n\ud83d\udd31CVE-2023-20178 PoC for Arbitrary File Delete vulnerability in Cisco Secure Client : https://www.system32.ink/2023/06/cve-2023-20178-poc-for-arbitrary-file.html\n\n\ud83d\udd31CVE-2023-25610  RCE vulnerability in FortiOS : https://www.system32.ink/2023/06/cve-2023-25610-rce-vulnerability-in.html\n\n\ud83d\udd31CVE-2023-30777 Exploit Reflected XSS vulnerability in the Advanced Custom Fields WordPress plugin : https://www.system32.ink/2023/06/cve-2023-30777-exploit-reflected-xss.html\n\n\ud83d\udda5Rat:\n\n\ud83d\udd31GCR-Google-Calendar-RAT : https://www.system32.ink/2023/06/gcr-google-calendar-rat.html\n\n\ud83d\udda5Tools:\n\n\ud83d\udd31Mantra - A tool used to hunt down API key leaks in JS files and pages : https://www.system32.ink/2023/06/mantra-tool-used-to-hunt-down-api-key.html\n\n\ud83d\udd31IIS Short Name Scanner - 2012-2023 : https://www.system32.ink/2023/06/iis-short-name-scanner-2012-2023.html\n\n@crackcodes | crackcodes.in | system32.ink", "creation_timestamp": "2023-06-21T14:59:33.000000Z"}, {"uuid": "405c0913-5745-4503-bd08-1598d83c91bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20178", "type": "seen", "source": "https://t.me/JerusalemElectronicArmy/358", "content": "#\u0623\u062e\u0628\u0627\u0631_\u0627\u0644\u0633\u0627\u064a\u0628\u0631 \n\n\u0634\u0631\u0643\u0629 \u0633\u064a\u0633\u0643\u0648 \u062a\u0639\u0644\u0646 \u0639\u0646 \u0625\u0635\u0644\u0627\u062d \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u0641\u064a Cisco Secure Client\u060c \u0648\u0627\u0644\u062a\u064a \u064a\u0645\u0643\u0646 \u0627\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0627 \u0644\u0631\u0641\u0639 \u0635\u0644\u0627\u062d\u064a\u0627\u062a \u0627\u0644\u0645\u0647\u0627\u062c\u0645 \u0648\u0627\u0644\u062a\u062d\u0643\u0645 \u0628\u062c\u0647\u0627\u0632 \u0627\u0644\u0636\u062d\u064a\u0629 (CVE-2023-20178 CVSS Score 7.8).\n#\u062c\u064a\u0634_\u0627\u0644\u0642\u062f\u0633_\u0627\u0644\u0625\u0644\u0643\u062a\u0631\u0648\u0646\u064a", "creation_timestamp": "2023-06-10T08:33:18.000000Z"}, {"uuid": "2ffdd5e5-8324-4323-ae57-694969949983", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20178", "type": "seen", "source": "https://t.me/true_secator/4479", "content": "Cisco \u0438 VMware \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u0440\u043e\u0447\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\nVMware\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430\u00a0\u0442\u0440\u0438 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 Aria Operations for Networks, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 RCE.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0438\u0437 \u043d\u0438\u0445 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 CVE-2023-20887\u00a0(\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 9,8), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0442\u0438, \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434.\n\n\u0422\u0430\u043a\u0436\u0435 VMware \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u0440\u0443\u0433\u0443\u044e\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438\u00a0(CVE-2023-20888) \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 9,1. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441 \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a Aria Operations for Networks \u0438 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0440\u043e\u043b\u0438 \u00ab\u0447\u043b\u0435\u043d\u00bb \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0443 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0443\u044e \u043a RCE.\n\n\u0422\u0440\u0435\u0442\u0438\u0439 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u2014 \u044d\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 CVE-2023-20889\u00a0(\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 8,8), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u0443, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0443 \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c.\n\n\u0412\u0441\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 VMware Aria Operations Networks \u0432\u0435\u0440\u0441\u0438\u0438 6.x, \u0431\u044b\u043b\u0438\u00a0\u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b\u00a0\u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445: 6.2 - 6.10, \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439 \u043d\u0435 \u0438\u043c\u0435\u044e\u0442.\n\nCisco\u00a0\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Expressway \u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0432\u0438\u0434\u0435\u043e\u0441\u0432\u044f\u0437\u0438 TelePresence (VCS).\n\nCVE-2023-20105 (\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 9,6) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u00ab\u0442\u043e\u043b\u044c\u043a\u043e \u0447\u0442\u0435\u043d\u0438\u0435\u00bb \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u00ab\u0447\u0442\u0435\u043d\u0438\u044f-\u0437\u0430\u043f\u0438\u0441\u0438\u00bb. \n\n\u0412\u0442\u043e\u0440\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-20192 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 8,4 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0438 \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438 \u0434\u043b\u044f CVE-2023-20192 Cisco \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f CLI \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f.\u00a0\u041e\u0431\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u044b\u043b\u0438 \u0440\u0435\u0448\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 14.2.1 \u0438 14.3.0 VCS \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Cisco \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 Cisco Secure Client (\u0440\u0430\u043d\u0435\u0435 AnyConnect Secure Mobility Client), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0439 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438.\n\n\u041b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441 \u043d\u0438\u0437\u043a\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-20178) \u0432 \u043d\u0435\u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 AnyConnect Secure Mobility Client \u0434\u043b\u044f Windows 4.10MR7 \u0438 Cisco Secure Client \u0434\u043b\u044f Windows 5.0MR2.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043a\u0430\u043a\u0430\u044f-\u043b\u0438\u0431\u043e \u0438\u0437 \u0432\u044b\u0448\u0435\u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0438 \u0441\u043d\u0438\u0437\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0438\u0441\u043a\u0438.", "creation_timestamp": "2023-06-08T13:51:47.000000Z"}, {"uuid": "fb429deb-7aff-4113-88ad-c42c4a6b300c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20178", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8517", "content": "#exploit\n1. CVE-2023-20178:\nArbitrary File Delete vulnerability in Cisco Secure Client/Cisco AnyConnect\nhttps://github.com/Wh04m1001/CVE-2023-20178\n\n2. CVE-2023-29343:\nArbitrary file write bug in Sysmon v.14.14\nhttps://github.com/Wh04m1001/CVE-2023-29343", "creation_timestamp": "2023-06-19T11:00:37.000000Z"}, {"uuid": "9d1399e2-1f0d-497c-adf1-092441cb29d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20178", "type": "published-proof-of-concept", "source": "https://t.me/information_security_channel/50148", "content": "PoC Exploit Published for Cisco AnyConnect Secure Vulnerability\nhttps://www.securityweek.com/poc-exploit-published-for-cisco-anyconnect-secure-vulnerability/\n\nA security researcher has published proof-of-concept (PoC) exploit code targeting a recent high-severity vulnerability (CVE-2023-20178) in Cisco AnyConnect Secure.\nThe post PoC Exploit Published for Cisco AnyConnect Secure Vulnerability (https://www.securityweek.com/poc-exploit-published-for-cisco-anyconnect-secure-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-06-22T16:42:52.000000Z"}, {"uuid": "d8eccd04-4f68-474a-b769-6430d3a42e9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20178", "type": "seen", "source": "https://t.me/cibsecurity/65611", "content": "\u203c CVE-2023-20178 \u203c\n\nA vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established. This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-28T18:13:01.000000Z"}]}