CVE-2023-20198 Implant Detection Template #8427
Reference:
Best to also include an additional URL for checking: https://github.com/fox-it/cisco-ios-xe-implant-detection
Hi @rxerium @ancailliau, we have moved the template to the vulnerability category since it detects the implants of a compromised system, and changed the severity accordingly. Once we have a proper POC for CVE-2023-20198, we will have a separate template for the same. Let me know if the changes look good 😄 Thanks
LGTM 🚀
Template / PR Information
Created a template for the new Cisco IOS XE 0-day vulnerability (CVE-2023-20198) following the command released by Cisco in order to detect this:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z
https://www.bleepingcomputer.com/news/security/cisco-warns-of-new-ios-xe-zero-day-actively-exploited-in-attacks/
https://socradar.io/cisco-warns-of-exploitation-of-a-maximum-severity-zero-day-vulnerability-in-ios-xe-cve-2023-20198/
Template Validation
I've validated this template locally?
I've tested this against a few online hosts running Cisco IOS XE and it looks to be working fine; however, any further testing is always appreciated.
Additional Details (leave it blank if not applicable)
Additional References:
cc. @KaulSe @DhiyaneshGeek
ref: #8414