#cve_2023_20198 — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #cve_2023_20198, aggregated by home.social.
-
GreyNoise Detects Active Exploitation of CVEs Mentioned in Black Basta’s Leaked Chat Logs
#BlackBastaGroup #CVE_2023_6875 #CVE_2024_3400 #CVE_2024_27198 #CVE_2024_24919 #CVE_2024_23897 #CVE_2024_1709 #CVE_2023_4966 #CVE_2023_42793 #CVE_2023_36845 #CVE_2023_36844 #CVE_2023_29357 #CVE_2023_22515 #CVE_2023_20198 #CVE_2022_41082 #CVE_2022_41040 #CVE_2022_37042 #CVE_2022_30525 #CVE_2022_27925 #CVE_2022_26134 #CVE_2022_22965 #CVE_2022_1388 #CVE_2021_44228 #CVE_2021_26855
https://www.greynoise.io/blog/greynoise-detects-active-exploitation-cves-black-bastas-leaked-chat-logs -
GreyNoise Detects Active Exploitation of CVEs Mentioned in Black Basta’s Leaked Chat Logs
#BlackBastaGroup #CVE_2023_6875 #CVE_2024_3400 #CVE_2024_27198 #CVE_2024_24919 #CVE_2024_23897 #CVE_2024_1709 #CVE_2023_4966 #CVE_2023_42793 #CVE_2023_36845 #CVE_2023_36844 #CVE_2023_29357 #CVE_2023_22515 #CVE_2023_20198 #CVE_2022_41082 #CVE_2022_41040 #CVE_2022_37042 #CVE_2022_30525 #CVE_2022_27925 #CVE_2022_26134 #CVE_2022_22965 #CVE_2022_1388 #CVE_2021_44228 #CVE_2021_26855
https://www.greynoise.io/blog/greynoise-detects-active-exploitation-cves-black-bastas-leaked-chat-logs -
GreyNoise Detects Active Exploitation of CVEs Mentioned in Black Basta’s Leaked Chat Logs
#BlackBastaGroup #CVE_2023_6875 #CVE_2024_3400 #CVE_2024_27198 #CVE_2024_24919 #CVE_2024_23897 #CVE_2024_1709 #CVE_2023_4966 #CVE_2023_42793 #CVE_2023_36845 #CVE_2023_36844 #CVE_2023_29357 #CVE_2023_22515 #CVE_2023_20198 #CVE_2022_41082 #CVE_2022_41040 #CVE_2022_37042 #CVE_2022_30525 #CVE_2022_27925 #CVE_2022_26134 #CVE_2022_22965 #CVE_2022_1388 #CVE_2021_44228 #CVE_2021_26855
https://www.greynoise.io/blog/greynoise-detects-active-exploitation-cves-black-bastas-leaked-chat-logs -
GreyNoise Detects Active Exploitation of CVEs Mentioned in Black Basta’s Leaked Chat Logs
#BlackBastaGroup #CVE_2023_6875 #CVE_2024_3400 #CVE_2024_27198 #CVE_2024_24919 #CVE_2024_23897 #CVE_2024_1709 #CVE_2023_4966 #CVE_2023_42793 #CVE_2023_36845 #CVE_2023_36844 #CVE_2023_29357 #CVE_2023_22515 #CVE_2023_20198 #CVE_2022_41082 #CVE_2022_41040 #CVE_2022_37042 #CVE_2022_30525 #CVE_2022_27925 #CVE_2022_26134 #CVE_2022_22965 #CVE_2022_1388 #CVE_2021_44228 #CVE_2021_26855
https://www.greynoise.io/blog/greynoise-detects-active-exploitation-cves-black-bastas-leaked-chat-logs -
Regarding the #Cisco #IOS XE web UI RCE vuln, I wanted to test a few things in a lab environment to help with forensics, detection, etc. But the software is #proprietary and it seems Cisco tries quite hard to make it inaccessible to anyone not paying them. So it's a challenge for #defenders to get some basic answers from a device they control and know is not compromised.
-
New Cisco IOS XE zero day vulnerability has been disclosed as CVE-2023-20198.
This vulnerability is being actively exploited with thousands of Cisco IOS XE devices being breached.
This vulnerability has a CVSS score of 10/10 and affects any Cisco IOS XE devices with HTTP/HTTPS service enabled & is Internet facing. Successful exploitation by the attacker could allow them to create admin-level accounts & take over the network.
https://arstechnica.com/security/2023/10/actively-exploited-cisco-0-day-with-maximum-10-severity-gives-full-network-control/
#infosec #cybersecurity #Cisco #IOSXE #CVE_2023_20198 #zeroday