{"vulnerability": "cve-2023-2027", "sightings": [{"uuid": "86cf43d4-facb-45b7-9ccd-76499d0ff6bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1139", "content": "", "creation_timestamp": "2023-10-17T04:00:00.000000Z"}, {"uuid": "782239ce-c6eb-4a6b-a6b6-5a2d766c8114", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_20/2023", "content": "", "creation_timestamp": "2023-10-17T07:43:31.000000Z"}, {"uuid": "bfc1f6f8-e6da-412a-bff3-c1e4d593f937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://bsky.app/profile/NNN.bettercities.top.ap.brid.gy/post/3mhylo3zajfc2", "content": "", "creation_timestamp": "2026-03-26T21:52:56.158446Z"}, {"uuid": "931f5ffb-98a1-49bb-883d-ccf8cf865759", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b20afb65-0745-4292-9fae-3d42ff6b77d2", "content": "", "creation_timestamp": "2026-02-02T12:26:48.122271Z"}, {"uuid": "e8c56be0-54c9-46db-bdcc-111484f979c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/e3ff8696-592c-4423-9a57-2cb2716b141e", "content": "", "creation_timestamp": "2025-08-29T14:07:34.392990Z"}, {"uuid": "d3502c11-6189-49f1-8fd7-e78e56afe9d7", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://t.me/GithubRedTeam/5532", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aThis is a webshell fingerprinting scanner designed to identify implants on Cisco IOS XE WebUI's affected by CVE-2023-20198 and CVE-2023-20273\nURL\uff1ahttps://github.com/Shadow0ps/CVE-2023-20198-Scanner\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-23T19:33:47.000000Z"}, {"uuid": "76f54d72-a8d3-466c-8e2d-286399334b29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6121", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-20273 Exploit PoC\nURL\uff1ahttps://github.com/smokeintheshell/CVE-2023-20273\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-09T07:29:08.000000Z"}, {"uuid": "73993910-fb26-41b5-a51b-2a1a82c0314b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/itsec_news/3497", "content": "\u200b\u26a1\ufe0fCisco \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u0442 \u043d\u043e\u0432\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 IOS XE \u0438 \u0433\u043e\u0442\u043e\u0432\u0438\u0442 \u043f\u0430\u0442\u0447\u0438.\n\n\ud83d\udcac \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Cisco \u0432\u044b\u044f\u0432\u0438\u043b\u0430 \u0435\u0449\u0435 \u043e\u0434\u043d\u0443 
\u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0439 \u043b\u0438\u043d\u0438\u0435\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u043a\u0430\u043a \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u0440\u0430\u0437\u0438\u043b\u0438 \u043e\u043f\u0430\u0441\u0435\u043d\u0438\u044f \u043e \u0442\u044b\u0441\u044f\u0447\u0430\u0445 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u0436\u0435\u0440\u0442\u0432, \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0432\u0448\u0438\u0445 \u043e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 zero-day.\n\n\u041d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 Cisco \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u043e\u0442\u0447\u0435\u0442 \u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u043f\u043e\u0441\u0442 \u043e CVE-2023-20198, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044f, \u0447\u0442\u043e \u0443\u0433\u0440\u043e\u0437\u0430 \u0438\u043c\u0435\u0435\u0442 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0439 \u0431\u0430\u043b\u043b CVSS 10, \u0438 \u0435\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u0445\u0430\u043a\u0435\u0440\u044b . 
\u041f\u0430\u0442\u0447 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043d\u0435 \u0431\u044b\u043b \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d, \u0438 Cisco \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0443\u0431\u0435\u0434\u0438\u0442\u044c\u0441\u044f, \u0447\u0442\u043e \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0438\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430.\n\n\u0412 \u043f\u044f\u0442\u043d\u0438\u0446\u0443 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0433\u0438\u0433\u0430\u043d\u0442 \u0437\u0430\u044f\u0432\u0438\u043b, \u0447\u0442\u043e \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0432 \u0432\u043e\u0441\u043a\u0440\u0435\u0441\u0435\u043d\u044c\u0435. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u043b\u0430 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0433\u043e\u0432\u043e\u0440\u0438\u043b\u043e\u0441\u044c \u0432 \u0431\u043b\u043e\u0433\u0435 \u0438 \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u044b\u0437\u0432\u0430\u043b\u0430 \u0442\u0440\u0435\u0432\u043e\u0433\u0443 \u0441\u0440\u0435\u0434\u0438 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432. 
Cisco \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0430\u0442\u0430\u043a, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0438\u0445 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u043e \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u043d\u0430 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u044b \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0442\u0430\u043a\u0436\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 CVE-2021-1435, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Cisco \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0432 2021 \u0433\u043e\u0434\u0443.\n\n\u0423\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0435 \u043e\u0442 \u044d\u0442\u043e\u0433\u043e \u0431\u0430\u0433\u0430, \u0431\u044b\u043b\u0438 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u044b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430\u043c\u0438, \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \"\u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0435\u0449\u0435 \u043d\u0435 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430\".\n\nCisco \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0430 \u0441\u0432\u043e\u0439 \u0441\u043e\u0432\u0435\u0442 \u043f\u043e CVE-2023-20198, \u0432\u043a\u043b\u044e\u0447\u0438\u0432 \u043d\u043e\u0432\u0443\u044e 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a CVE-2023-20273, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0440\u0435\u0448\u0430\u0435\u0442 \u044d\u0442\u043e\u0442 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0439 \u0432\u043e\u043f\u0440\u043e\u0441. \u041e\u043d\u0438 \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0438 \u0431\u043b\u043e\u0433, \u0447\u0442\u043e\u0431\u044b \u043e\u0431\u044a\u044f\u0441\u043d\u0438\u0442\u044c, \u0447\u0442\u043e \u043f\u0430\u0442\u0447, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u044b\u0439\u0434\u0435\u0442 \u0432 \u0432\u043e\u0441\u043a\u0440\u0435\u0441\u0435\u043d\u044c\u0435, \u0440\u0435\u0448\u0438\u0442 \u043e\u0431\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b. \u041e\u043d\u0438 \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0438, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2021-1435, \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u0430\u044f \u0432 2021 \u0433\u043e\u0434\u0443, \"\u0431\u043e\u043b\u044c\u0448\u0435 \u043d\u0435 \u0441\u0447\u0438\u0442\u0430\u0435\u0442\u0441\u044f \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u044d\u0442\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c\u044e\".\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b, \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u044b, \u0442\u043e\u0447\u043a\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0431\u0435\u0441\u043f\u0440\u043e\u0432\u043e\u0434\u043d\u044b\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b Cisco \u0438 \u043c\u043d\u043e\u0433\u0438\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 
\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441\u0447\u0438\u0442\u0430\u044e\u0442, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u044d\u0442\u043e\u0442 \u0431\u0430\u0433, \u043c\u043e\u0433\u0443\u0442 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0442\u0440\u0430\u0444\u0438\u043a, \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u0438, \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u0438 \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0442\u0440\u0430\u0444\u0438\u043a, \u043d\u0430\u0440\u0443\u0448\u0430\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u044b \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u043a\u0430\u043a \"\u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u044b\u0439 \u043f\u043b\u0430\u0446\u0434\u0430\u0440\u043c \u0434\u043b\u044f \u0441\u0435\u0442\u0438\".\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-10-21T14:57:23.000000Z"}, {"uuid": "56cba6a5-06cf-473f-9c9b-1e1424dc0e31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/BleepingComputer/18657", "content": "Latest news and stories from BleepingComputer.com\nCisco discloses new IOS XE zero-day exploited to deploy malware implant\n\nCisco disclosed a new high-severity zero-day (CVE-2023-20273) today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week. [...]", "creation_timestamp": "2023-10-21T02:04:48.000000Z"}, {"uuid": "171775df-0076-4b45-b084-c9703cbc0cb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/BleepingComputer/18656", "content": "\u200aCisco discloses new IOS XE zero-day exploited to deploy malware implant\n\nCisco disclosed a new high-severity zero-day (CVE-2023-20273) today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week. [...]\n\nhttps://www.bleepingcomputer.com/news/security/cisco-discloses-new-ios-xe-zero-day-exploited-to-deploy-malware-implant/", "creation_timestamp": "2023-10-21T01:18:29.000000Z"}, {"uuid": "08882d58-e8af-4743-8beb-242f9fdc22aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/BleepingComputer/18679", "content": "\u200aCisco patches IOS XE zero-days used to hack over 50,000 devices\n\nCisco has addressed the two vulnerabilities (CVE-2023-20198 and CVE-2023-20273) that hackers exploited to compromise tens of thousands of IOS XE devices over the past week. 
[...]\n\nhttps://www.bleepingcomputer.com/news/security/cisco-patches-ios-xe-zero-days-used-to-hack-over-50-000-devices/", "creation_timestamp": "2023-10-23T18:22:52.000000Z"}, {"uuid": "2e95c462-5e76-4f52-a371-176ca3aa7ec1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/hackyourmom/5597", "content": "\u041a\u043e\u043c\u043f\u0430\u043d\u0456\u044f Cisco \u0432\u0438\u044f\u0432\u0438\u043b\u0430 \u0449\u0435 \u043e\u0434\u043d\u0443 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u043f\u043e\u0432'\u044f\u0437\u0430\u043d\u0443 \u0437 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u044e \u043b\u0456\u043d\u0456\u0454\u044e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043d\u043e\u0433\u043e \u0437\u0430\u0431\u0435\u0437\u043f\u0435\u0447\u0435\u043d\u043d\u044f \u043f\u0456\u0441\u043b\u044f \u0442\u043e\u0433\u043e, \u044f\u043a \u0435\u043a\u0441\u043f\u0435\u0440\u0442\u0438 \u0437 \u0431\u0435\u0437\u043f\u0435\u043a\u0438 \u0432\u0438\u0441\u043b\u043e\u0432\u0438\u043b\u0438 \u043e\u0431\u0443\u0440\u0435\u043d\u043d\u044f \u0442\u0438\u0441\u044f\u0447\u0430\u043c\u0438 \u043c\u043e\u0436\u043b\u0438\u0432\u0438\u0445 \u0436\u0435\u0440\u0442\u0432 \u0443\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0456 \"zero-day\". 
\u041d\u0430 \u0446\u044c\u043e\u043c\u0443 \u0442\u0438\u0436\u043d\u0456 Cisco \u043e\u043f\u0443\u0431\u043b\u0456\u043a\u0443\u0432\u0430\u043b\u0430 \u0437\u0432\u0456\u0442 \u0442\u0430 \u0434\u043e\u043a\u043b\u0430\u0434\u043d\u0438\u0439 \u043f\u043e\u0441\u0442 \u0449\u043e\u0434\u043e CVE-2023-20198, \u043f\u043e\u043f\u0435\u0440\u0435\u0434\u0436\u0430\u044e\u0447\u0438, \u0449\u043e \u0437\u0430\u0433\u0440\u043e\u0437\u0430 \u043c\u0430\u0454 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u0438\u0439 \u0431\u0430\u043b CVSS 10 \u0456 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u043e\u0432\u0443\u0454\u0442\u044c\u0441\u044f \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438. \u041f\u0430\u0442\u0447 \u0434\u043b\u044f \u0432\u0438\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0438 \u0431\u0443\u0432 \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0438\u0439, \u0456 Cisco \u043d\u0430\u0441\u0442\u0456\u0439\u043b\u0438\u0432\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0432\u0430\u043b\u0430 \u043a\u043b\u0456\u0454\u043d\u0442\u0430\u043c \u043f\u0435\u0440\u0435\u043a\u043e\u043d\u0430\u0442\u0438\u0441\u044f, \u0449\u043e \u0437\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u0456 \u043f\u0440\u0438\u0441\u0442\u0440\u043e\u0457 \u043d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0456 \u0437 \u0406\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443. \u0412 \u043f'\u044f\u0442\u043d\u0438\u0446\u044e \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0456\u0447\u043d\u0438\u0439 \u0433\u0456\u0433\u0430\u043d\u0442 \u0437\u0430\u044f\u0432\u0438\u0432, \u0449\u043e \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u0446\u0456\u0454\u0457 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0438 \u0431\u0443\u0434\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0438\u0439 \u0443 \u043d\u0435\u0434\u0456\u043b\u044e. 
\u041a\u043e\u043c\u043f\u0430\u043d\u0456\u044f \u0442\u0430\u043a\u043e\u0436 \u0440\u043e\u0437\u0433\u043b\u044f\u043d\u0443\u043b\u0430 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u0443 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u043f\u0440\u043e \u044f\u043a\u0443 \u0437\u0433\u0430\u0434\u0443\u0432\u0430\u043b\u043e\u0441\u044f \u0432 \u0431\u043b\u043e\u0437\u0456 \u0456 \u044f\u043a\u0430 \u0432\u0438\u043a\u043b\u0438\u043a\u0430\u043b\u0430 \u0442\u0440\u0438\u0432\u043e\u0433\u0443 \u0441\u0435\u0440\u0435\u0434 \u0435\u043a\u0441\u043f\u0435\u0440\u0442\u0456\u0432. Cisco \u0441\u043f\u043e\u0447\u0430\u0442\u043a\u0443 \u043f\u043e\u0432\u0456\u0434\u043e\u043c\u0438\u043b\u0430, \u0449\u043e \u043f\u0456\u0434 \u0447\u0430\u0441 \u0430\u0442\u0430\u043a, \u043f\u043e\u0432'\u044f\u0437\u0430\u043d\u0438\u0445 \u0437 \u0443\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044e, \u0457\u0445 \u0444\u0430\u0445\u0456\u0432\u0446\u0456 \u0437 \u0440\u0435\u0430\u0433\u0443\u0432\u0430\u043d\u043d\u044f \u043d\u0430 \u0456\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0438 \u043f\u043e\u043c\u0456\u0442\u0438\u043b\u0438, \u0449\u043e \u0445\u0430\u043a\u0435\u0440\u0438 \u0442\u0430\u043a\u043e\u0436 \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u043e\u0432\u0443\u0432\u0430\u043b\u0438 CVE-2021-1435, \u044f\u043a\u0443 Cisco \u0432\u0438\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0432 2021 \u0440\u043e\u0446\u0456. 
\u041f\u0440\u0438\u0441\u0442\u0440\u043e\u0457, \u043f\u043e\u0432\u043d\u0456\u0441\u0442\u044e \u0437\u0430\u0445\u0438\u0449\u0435\u043d\u0456 \u0432\u0456\u0434 \u0446\u0456\u0454\u0457 \u043f\u043e\u043c\u0438\u043b\u043a\u0438, \u0431\u0443\u043b\u0438 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0456 \u0448\u043a\u0456\u0434\u043b\u0438\u0432\u0438\u043c\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u0430\u043c\u0438, \u044f\u043a\u0456 \u0443\u0441\u043f\u0456\u0448\u043d\u043e \u0432\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0438\u0441\u044f \"\u0437\u0430 \u0434\u043e\u043f\u043e\u043c\u043e\u0433\u043e\u044e \u0449\u0435 \u043d\u0435 \u0432\u0438\u0437\u043d\u0430\u0447\u0435\u043d\u043e\u0433\u043e \u043c\u0435\u0445\u0430\u043d\u0456\u0437\u043c\u0443\". Cisco \u043e\u043d\u043e\u0432\u0438\u043b\u0430 \u0441\u0432\u043e\u044e \u043f\u043e\u0440\u0430\u0434\u0443 \u0449\u043e\u0434\u043e CVE-2023-20198, \u0432\u043a\u043b\u044e\u0447\u0438\u0432\u0448\u0438 \u043d\u043e\u0432\u0443 \u0443\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c, \u044f\u043a\u0443 \u0432\u0456\u0434\u0441\u0442\u0435\u0436\u0443\u044e\u0442\u044c \u044f\u043a CVE-2023-20273, \u0449\u043e \u0432\u0438\u0440\u0456\u0448\u0443\u0454 \u0446\u0435 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u0435 \u043f\u0438\u0442\u0430\u043d\u043d\u044f. \u0412\u043e\u043d\u0438 \u043e\u043d\u043e\u0432\u0438\u043b\u0438 \u0431\u043b\u043e\u0433, \u0449\u043e\u0431 \u043f\u043e\u044f\u0441\u043d\u0438\u0442\u0438, \u0449\u043e \u043f\u0430\u0442\u0447, \u044f\u043a\u0438\u0439 \u0432\u0438\u0439\u0434\u0435 \u0432 \u043d\u0435\u0434\u0456\u043b\u044e, \u0432\u0438\u0440\u0456\u0448\u0438\u0442\u044c \u043e\u0431\u0438\u0434\u0432\u0456 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0438. 
\u0412\u043e\u043d\u0438 \u0434\u043e\u0434\u0430\u043b\u0438, \u0449\u043e \u0443\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c CVE-2021-1435, \u0432\u0438\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 2021 \u0440\u043e\u0446\u0456, \"\u0431\u0456\u043b\u044c\u0448\u0435 \u043d\u0435 \u0432\u0432\u0430\u0436\u0430\u0454\u0442\u044c\u0441\u044f \u043f\u043e\u0432'\u044f\u0437\u0430\u043d\u043e\u044e \u0437 \u0446\u0456\u0454\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u0456\u0441\u0442\u044e\". \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0447\u0456\u043f\u0430\u0454 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0438, \u043a\u043e\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u0438, \u0442\u043e\u0447\u043a\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0443, \u0431\u0435\u0437\u0434\u0440\u043e\u0442\u043e\u0432\u0456 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0435\u0440\u0438 Cisco \u0442\u0430 \u0431\u0430\u0433\u0430\u0442\u043e \u0456\u043d\u0448\u0438\u0445 \u043f\u0440\u0438\u0441\u0442\u0440\u043e\u0457\u0432. 
\u0415\u043a\u0441\u043f\u0435\u0440\u0442\u0438 \u0437 \u043a\u0456\u0431\u0435\u0440\u0431\u0435\u0437\u043f\u0435\u043a\u0438 \u0432\u0432\u0430\u0436\u0430\u044e\u0442\u044c, \u0449\u043e \u0445\u0430\u043a\u0435\u0440\u0438, \u044f\u043a\u0456 \u0435\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0443\u044e\u0442\u044c \u0446\u044e \u043f\u043e\u043c\u0438\u043b\u043a\u0443, \u043c\u043e\u0436\u0443\u0442\u044c \u043c\u043e\u043d\u0456\u0442\u043e\u0440\u0438\u0442\u0438 \u043c\u0435\u0440\u0435\u0436\u0435\u0432\u0438\u0439 \u0442\u0440\u0430\u0444\u0456\u043a, \u043f\u0435\u0440\u0435\u0445\u043e\u043f\u043b\u044e\u0432\u0430\u0442\u0438 \u043f\u0440\u0438\u0432\u0456\u043b\u0435\u0433\u043e\u0432\u0430\u043d\u0456 \u043c\u0435\u0440\u0435\u0436\u0435\u0432\u0456 \u043a\u043e\u043c\u0443\u043d\u0456\u043a\u0430\u0446\u0456\u0457, \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u0438 \u0442\u0430 \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u0438 \u043c\u0435\u0440\u0435\u0436\u0435\u0432\u0438\u0439 \u0442\u0440\u0430\u0444\u0456\u043a, \u043f\u043e\u0440\u0443\u0448\u0443\u0432\u0430\u0442\u0438 \u0437\u0430\u0445\u0438\u0449\u0435\u043d\u0456 \u043c\u0435\u0440\u0435\u0436\u0435\u0432\u0456 \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0438 \u0442\u0430 \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u043e\u0432\u0443\u0432\u0430\u0442\u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u043e\u0432\u0430\u043d\u0438\u0439 \u043f\u0440\u0438\u0441\u0442\u0440\u0456\u0439 \u044f\u043a \"\u043f\u043e\u0441\u0442\u0456\u0439\u043d\u0443 \u043e\u043f\u043e\u0440\u0443 \u0434\u043b\u044f \u043c\u0435\u0440\u0435\u0436\u0456\".", "creation_timestamp": "2023-10-22T07:24:39.000000Z"}, {"uuid": "e905f33f-6848-49e8-ab57-8d95fc516d3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": 
"https://t.me/kasperskyb2b/945", "content": "\u26a1\ufe0f\u26a1\ufe0f\u26a1\ufe0f\u26a1\ufe0f\u0412 Cisco \u043d\u0435 \u0431\u044b\u043b\u043e \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0445. \u041d\u0430\u0448\u043b\u0438 \u0432\u0442\u043e\u0440\u043e\u0439 \u0437\u0438\u0440\u043e\u0434\u0435\u0439 \u0432 IOS XE, \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0438 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c, \u0432\u044b\u043b\u043e\u0436\u0438\u043b\u0438 \u0444\u0438\u043a\u0441 \n\n\u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435, \u043f\u043e\u0445\u043e\u0436\u0435, \u0442\u043e\u0436\u0435 \u0432\u044b\u043b\u043e\u0436\u0438\u043b\u0438 \u0444\u0438\u043a\u0441 \ud83d\ude1e. \n\n\u0412 \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a \u0443\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u043c\u0443 CVE-2023-20198 (CVSS 10), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 CVE-2023-20273 (CVSS 7.2), \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0432\u043d\u043e\u0432\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0434\u043e root.\n\n\u041e 
\u0442\u043e\u043c, \u043a\u0430\u043a\u0438\u0435 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0435 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0440\u0435\u0448\u0438\u043b\u0438 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435, \u043c\u044b \u0441\u043a\u043e\u0440\u043e \u0443\u0437\u043d\u0430\u0435\u043c \ud83d\ude0f.\n\u0417\u0430 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0432\u0438\u0434\u0438\u043c\u044b\u0445 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u0437\u0430\u0440\u0430\u0436\u0451\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u043f\u0440\u0435\u0432\u044b\u0441\u0438\u043b\u043e 50 \u0442\u044b\u0441\u044f\u0447, \u0430 \u0437\u0430\u0442\u0435\u043c \u0441\u043d\u0438\u0437\u0438\u043b\u043e\u0441\u044c \u0434\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0441\u043e\u0442\u0435\u043d. 
\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0435\u0434\u0438\u043d\u043e\u0434\u0443\u0448\u043d\u044b \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u044d\u0442\u043e \u2014 \u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u0438\u0434\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0438 \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0441\u0432\u043e\u0439 \u0438\u043c\u043f\u043b\u0430\u043d\u0442, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0442\u0440\u0443\u0434\u043d\u0438\u0442\u044c \u0435\u0433\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u043a\u0430\u043a\u0438\u0435 \u0438\u0437 \u0440\u0430\u043d\u0435\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 IoC \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0431\u044b\u0442\u044c \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b \u2014 \u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u0432\u043e\u043f\u0440\u043e\u0441.\n\n\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043e\u0439-\u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0438\u043b\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Cisco \u043d\u0430 IOS XE, \u0431\u0443\u0434\u0435\u0442 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u0441\u0432\u0435\u0436\u0438\u0445 
\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u043d\u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0443\u044e \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u044e \u043d\u0430\u0434\u043e \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0442\u044c \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c. \n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-10-23T09:35:18.000000Z"}, {"uuid": "89196496-1ab7-4118-a21f-1f2f059c71ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://t.me/ctinow/145489", "content": "https://ift.tt/1HWrPKL\nCisco IOS XE CVE-2023-20198 and CVE-2023-20273: WebUI Internals, Patch Diffs, and Theory Crafting", "creation_timestamp": "2023-10-26T03:23:43.000000Z"}, {"uuid": "f775d23e-27a7-407f-856c-4972d1f162c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://t.me/darkcommunityofficial/187", "content": "#CVE-2023-20198 & CVE-2023-20273 :\u00a0#Cisco IOS XE Software 'WebUI' - Authenticated / Unauthenticated Command Injection(Root)\n\nPOC N/A : https://github.com/smokeintheshell/CVE-2023-20198\n\nPOC\u00a0 N/A : https://github.com/smokeintheshell/CVE-2023-20273\n\nNVD POC : http://packetstormsecurity.com/files/175674/Cisco-IOX-XE-Unauthenticated-Remote-Code-Execution.html\n\n\ud83d\udc49 Follow: Kingsman", "creation_timestamp": "2023-12-10T12:53:22.000000Z"}, {"uuid": "6747675c-036c-4865-9364-c1ed6a911e50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://t.me/arpsyndicate/1467", "content": 
"#ExploitObserverAlert\n\nCVE-2023-20198\n\nDESCRIPTION: Exploit Observer has 170 entries related to CVE-2023-20198. Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal user access. The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system. Cisco has assigned CVE-2023-20273 to this issue. CVE-2023-20198 has been assigned a CVSS Score of 10.0. CVE-2023-20273 has been assigned a CVSS Score of 7.2. Both of these CVEs are being tracked by CSCwh87343.\n\nFIRST-EPSS: 0.890740000\nNVD-IS: 6.0\nNVD-ES: 3.9", "creation_timestamp": "2023-12-05T11:39:37.000000Z"}, {"uuid": "b07176b3-56a2-4bc8-bee2-c155bc5b2bd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/lordofficials2/1254", "content": "\ud83d\udea8 Cisco issued an alert about a new zero-day vulnerability in IOS XE (CVE-2023-20273). Attackers are actively exploiting it to install a malicious Lua-based implant on vulnerable devices. 
\n \nLearn more: https://thehackernews.com/2023/10/cisco-zero-day-exploited-to-implant.html", "creation_timestamp": "2023-10-23T14:54:00.000000Z"}, {"uuid": "509b32d8-9fd3-4da2-ba66-3e07d0949d32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/KomunitiSiber/966", "content": "Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices\nhttps://thehackernews.com/2023/10/cisco-zero-day-exploited-to-implant.html\n\nCisco has warned of a new zero-day flaw in IOS XE that has been actively exploited by an unknown threat actor to deploy a\u00a0malicious Lua-based implant\u00a0on susceptible devices.\nTracked as\u00a0CVE-2023-20273\u00a0(CVSS score: 7.2), the issue relates to a privilege escalation flaw in the web UI feature and is said to have been used alongside CVE-2023-20198 as part of an exploit chain.\n\"The attacker first", "creation_timestamp": "2023-10-21T06:34:57.000000Z"}, {"uuid": "b0421046-50f0-455f-94e8-a9fe6da0cd45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/CyberSecurityIL/66310", "content": "\u05e7\u05d1\u05d5\u05e6\u05ea \u05d4\u05ea\u05e7\u05d9\u05e4\u05d4 \u05d4\u05e1\u05d9\u05e0\u05d9\u05ea Salt Typhoon \u05de\u05de\u05e9\u05d9\u05db\u05d4 \u05dc\u05e4\u05e8\u05d5\u05e5 \u05dc\u05d7\u05d1\u05e8\u05d5\u05ea \u05ea\u05e7\u05e9\u05d5\u05e8\u05ea \u05de\u05e1\u05d1\u05d9\u05d1 \u05dc\u05e2\u05d5\u05dc\u05dd \u05d5\u05e2\u05d5\u05e9\u05d4 \u05d6\u05d0\u05ea \u05d1\u05d0\u05de\u05e6\u05e2\u05d5\u05ea \u05e0\u05d9\u05e6\u05d5\u05dc \u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05d9\u05d3\u05d5\u05e2\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8\u05d9\u05dd \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea Cisco.\n\n\u05dc\u05e4\u05d9 
\u05d3\u05d9\u05d5\u05d5\u05d7 \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea \u05de\u05d5\u05d3\u05d9\u05e2\u05d9\u05df \u05d4\u05e1\u05d9\u05d9\u05d1\u05e8  Recorded Future \u05e7\u05d1\u05d5\u05e6\u05ea \u05d4\u05ea\u05e7\u05d9\u05e4\u05d4 \u05e4\u05e8\u05e6\u05d4 \u05dc\u05d9\u05d5\u05ea\u05e8 \u05de-1,000 \u05de\u05db\u05e9\u05d9\u05e8\u05d9\u05dd \u05e9\u05dc \u05e1\u05d9\u05e1\u05e7\u05d5 \u05d4\u05e9\u05d9\u05d9\u05db\u05d9\u05dd \u05dc\u05d7\u05d1\u05e8\u05d5\u05ea \u05ea\u05e7\u05e9\u05d5\u05e8\u05ea \u05d1\u05d0\u05e8\u05d4\"\u05d1, \u05d1\u05e8\u05d9\u05d8\u05e0\u05d9\u05d4, \u05d3\u05e8\u05d5\u05dd \u05d0\u05e4\u05e8\u05d9\u05e7\u05d4 \u05d5\u05e2\u05d5\u05d3.\n\n\u05d4\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05d4\u05de\u05e0\u05d5\u05e6\u05dc\u05d5\u05ea \u05d4\u05df CVE-2023-20198 \u05d5-CVE-2023-20273.\n\n\u05d4\u05de\u05d7\u05e7\u05e8 \u05d4\u05de\u05dc\u05d0 \u05db\u05d0\u05df.\n\nhttps://t.me/CyberSecurityIL/6589\n\n#\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea #\u05ea\u05e7\u05e9\u05d5\u05e8\u05ea", "creation_timestamp": "2025-02-14T08:33:45.000000Z"}, {"uuid": "a167879c-6242-464c-9d2c-438a10c7a0ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/true_secator/6773", "content": "Cisco \u043e\u0442\u0447\u0430\u0441\u0442\u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0432 \u043e\u0434\u043d\u043e\u043c \u0438\u0437 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 Salt Typhoon \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0435\u0442\u044f\u043c \u0442\u0435\u043b\u0435\u043a\u043e\u043c-\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440 \u0432 
\u0421\u0428\u0410 CVE-2018-0171 \u043d\u0430\u0440\u044f\u0434\u0443 \u0441 CVE-2023-20198 \u0438 CVE-2023-20273, \u043e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0440\u0430\u043d\u0435\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 \u0432 Recorded Future\u2019s Insikt Group.\n\n\u041d\u0430\u043f\u043e\u043c\u043d\u0438\u043c \u043a\u0441\u0442\u0430\u0442\u0438, \u0447\u0442\u043e \u0432 \u0420\u043e\u0441\u0441\u0438\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044e \u043f\u0440\u0438\u0437\u043d\u0430\u043b\u0438 \u043d\u0435\u0436\u0435\u043b\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0437\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u043d\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0430\u0433\u0438\u0442\u0433\u0430\u0437\u0435\u0442\u0443 \u0412\u0430\u0448\u0438\u043d\u0433\u0442\u043e\u043d\u0441\u043a\u043e\u0433\u043e \u043e\u0431\u043a\u043e\u043c\u0430 The Record.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0441\u0442\u044c \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0442\u044c\u0441\u044f \u0432 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445 \u043d\u0430 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0438 \u0440\u0430\u0437\u043d\u044b\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0435\u0440\u0438\u043e\u0434\u043e\u0432 \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0434\u043d\u043e\u043c\u0443 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0443 
\u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 \u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u0445 \u043b\u0435\u0442.\n\n\u0412\u0430\u0436\u043d\u044b\u043c \u0430\u0441\u043f\u0435\u043a\u0442\u043e\u043c \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0445 \u0443\u043a\u0440\u0430\u0434\u0435\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u043f\u0440\u0430\u0432\u0434\u0430 \u0441\u043f\u043e\u0441\u043e\u0431 \u0438\u0445 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043a\u0430 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u0435\u043d.\n\n\u0411\u044b\u043b\u043e \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043e, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0435\u0442 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0437\u0430\u0432\u043b\u0430\u0434\u0435\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0447\u0435\u0440\u0435\u0437 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0438 \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u044b\u0432\u0430\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e 
\u0441\u043b\u0430\u0431\u044b\u0445 \u0442\u0438\u043f\u043e\u0432 \u043f\u0430\u0440\u043e\u043b\u0435\u0439.\n\n\u0412 Cisco \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0438, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0442\u0440\u0430\u0444\u0438\u043a SNMP, TACACS \u0438 RADIUS, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0441\u0435\u043a\u0440\u0435\u0442\u043d\u044b\u0435 \u043a\u043b\u044e\u0447\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u043c\u0435\u0436\u0434\u0443 \u0441\u0435\u0442\u0435\u0432\u044b\u043c\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438 \u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 TACACS/RADIUS \u0434\u043b\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0415\u0449\u0435 \u043e\u0434\u043d\u0430 \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u044c Salt Typhoon \u043f\u043e\u0434\u0440\u0430\u0437\u0443\u043c\u0435\u0432\u0430\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 LOTL \u043d\u0430 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445, \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u044f \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043e\u0439 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 
\u043e\u043f\u043e\u0440\u043d\u044b\u0445 \u0442\u043e\u0447\u0435\u043a \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0430 \u043e\u0442 \u043e\u0434\u043d\u043e\u0433\u043e \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0433\u043e \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430 \u043a \u0434\u0440\u0443\u0433\u043e\u043c\u0443.\n\n\u041f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u044d\u0442\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u0440\u043e\u043c\u0435\u0436\u0443\u0442\u043e\u0447\u043d\u044b\u0445 \u0440\u0435\u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0442\u043e\u0440\u043e\u0432 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u043d\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u043e\u0439 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u0439 \u0446\u0435\u043b\u0438 \u0438\u043b\u0438 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u043d\u0437\u0438\u0442\u043d\u043e\u0433\u043e \u043f\u0443\u043d\u043a\u0442\u0430 \u0434\u043b\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u043f\u043e \u0443\u0442\u0435\u0447\u043a\u0435 \u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0438\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u044d\u0442\u043e \u0434\u0430\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0441\u0442\u0430\u0432\u0430\u0442\u044c\u0441\u044f \u043d\u0435\u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u043c \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 
\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0438\u043e\u0434\u0430 \u0432\u0440\u0435\u043c\u0435\u043d\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Salt Typhoon \u043c\u0435\u043d\u044f\u043b\u0430 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 Guest Shell \u0438 \u0443\u043f\u0440\u043e\u0449\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0447\u0435\u0440\u0435\u0437 SSH.\n\n\u0422\u0430\u043a\u0436\u0435 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0443\u0442\u0438\u043b\u0438\u0442\u0430 JumbledPath, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0437\u0430\u0445\u0432\u0430\u0442 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 Cisco \u0447\u0435\u0440\u0435\u0437 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u0430\u043a\u0442\u0435\u0440\u043e\u043c jump-host.\n\n\u0414\u0432\u043e\u0438\u0447\u043d\u044b\u0439 \u0444\u0430\u0439\u043b ELF \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Go \u0442\u0430\u043a\u0436\u0435 \u0441\u043f\u043e\u0441\u043e\u0431\u0435\u043d \u043e\u0447\u0438\u0449\u0430\u0442\u044c \u0436\u0443\u0440\u043d\u0430\u043b\u044b \u0438 \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0442\u044c 
\u0436\u0443\u0440\u043d\u0430\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0434\u043b\u044f \u0441\u043e\u043a\u0440\u044b\u0442\u0438\u044f \u0441\u043b\u0435\u0434\u043e\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u0438 \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043a\u0440\u0438\u043c\u0438\u043d\u0430\u043b\u0438\u0441\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u043c\u0443 \u0430\u043d\u0430\u043b\u0438\u0437\u0443.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u0442\u043e\u0439 \u0443\u0442\u0438\u043b\u0438\u0442\u044b \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0441\u043a\u0440\u044b\u0442\u044c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0439 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a \u0438 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0439 \u043f\u0443\u043d\u043a\u0442 \u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u0437\u0430\u043f\u0440\u043e\u0441\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0435\u0433\u043e \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0443 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0430\u0442\u044c\u0441\u044f \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 (\u0438\u043b\u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0438\u0440\u0443\u0435\u043c\u044b\u0435) \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u043b\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043d\u0435\u043e\u0434\u043d\u043e\u043a\u0440\u0430\u0442\u043d\u043e \u0438\u0437\u043c\u0435\u043d\u044f\u043b 
\u0430\u0434\u0440\u0435\u0441 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0439 \u0441\u0432\u044f\u0437\u0438 \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u0435 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u044d\u0442\u043e\u0442 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0430 SSH-\u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439 \u043a \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c \u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0440\u0435\u0434\u0435, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u043e \u0435\u043c\u0443 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0441\u043f\u0438\u0441\u043a\u0438 ACL, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u044d\u0442\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\nCisco \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u043d\u0435 \u043d\u0430\u0448\u043b\u0430 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u043a\u043e\u043c\u0430\u043d\u0434\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f 
\u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u043d\u0438\u044f, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0437\u0430 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435\u043c \u0443\u0436\u0435 \u0444\u0438\u0433\u0443\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u0432 \u043e\u0442\u0447\u0435\u0442\u0430\u0445.\n\n\u041e\u0442\u0434\u0435\u043b\u044c\u043d\u043e \u043e\u0442\u043c\u0435\u0442\u0438\u0432, \u0447\u0442\u043e \u0432\u044b\u044f\u0432\u0438\u043b\u0430 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u043d\u0438\u0435 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Cisco \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u0439 Smart Install (SMI), \u0437\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2018-0171. \u041f\u0440\u0438\u0447\u0435\u043c \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u044f\u043a\u043e\u0431\u044b \u043d\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 Salt Typhoon \u0438 \u043d\u0435 \u0438\u043c\u0435\u0435\u0442 \u043e\u0431\u0449\u0438\u0445 \u0447\u0435\u0440\u0442 \u0441 \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u043e\u0439.", "creation_timestamp": "2025-02-24T17:30:05.000000Z"}, {"uuid": "842501dc-f850-45ac-8d6f-5690fc791cb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/thehackernews/4038", "content": "\ud83d\udea8 Cisco issued an alert about a new zero-day vulnerability in IOS XE (CVE-2023-20273). 
Attackers are actively exploiting it to install a malicious Lua-based implant on vulnerable devices. \n \nLearn more: https://thehackernews.com/2023/10/cisco-zero-day-exploited-to-implant.html", "creation_timestamp": "2023-10-21T06:16:44.000000Z"}, {"uuid": "5a81de80-e2f6-43f3-b74e-43a527f3a2b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://t.me/thebugbountyhunter/7930", "content": "Cisco IOS XE CVE-2023-20198 and CVE-2023-20273: WebUI Internals, Patch Diffs, and Theory Crafting\n\nhttps://www.horizon3.ai/cisco-ios-xe-cve-2023-20198-theory-crafting/", "creation_timestamp": "2023-10-25T22:55:51.000000Z"}, {"uuid": "e8718ba0-5590-45dc-87eb-945e3aa1ece4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/S_E_Reborn/5450", "content": "Cisco \u043e\u0442\u0447\u0430\u0441\u0442\u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0432 \u043e\u0434\u043d\u043e\u043c \u0438\u0437 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 Salt Typhoon \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0435\u0442\u044f\u043c \u0442\u0435\u043b\u0435\u043a\u043e\u043c-\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440 \u0432 \u0421\u0428\u0410 CVE-2018-0171 \u043d\u0430\u0440\u044f\u0434\u0443 \u0441 CVE-2023-20198 \u0438 CVE-2023-20273, \u043e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0440\u0430\u043d\u0435\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 \u0432 Recorded Future\u2019s Insikt 
Group.\n\n\u041d\u0430\u043f\u043e\u043c\u043d\u0438\u043c \u043a\u0441\u0442\u0430\u0442\u0438, \u0447\u0442\u043e \u0432 \u0420\u043e\u0441\u0441\u0438\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044e \u043f\u0440\u0438\u0437\u043d\u0430\u043b\u0438 \u043d\u0435\u0436\u0435\u043b\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0437\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u043d\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0430\u0433\u0438\u0442\u0433\u0430\u0437\u0435\u0442\u0443 \u0412\u0430\u0448\u0438\u043d\u0433\u0442\u043e\u043d\u0441\u043a\u043e\u0433\u043e \u043e\u0431\u043a\u043e\u043c\u0430 The Record.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0441\u0442\u044c \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0442\u044c\u0441\u044f \u0432 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445 \u043d\u0430 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0438 \u0440\u0430\u0437\u043d\u044b\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0435\u0440\u0438\u043e\u0434\u043e\u0432 \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0434\u043d\u043e\u043c\u0443 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0443 \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 \u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u0445 \u043b\u0435\u0442.\n\n\u0412\u0430\u0436\u043d\u044b\u043c \u0430\u0441\u043f\u0435\u043a\u0442\u043e\u043c 
\u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0445 \u0443\u043a\u0440\u0430\u0434\u0435\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u043f\u0440\u0430\u0432\u0434\u0430 \u0441\u043f\u043e\u0441\u043e\u0431 \u0438\u0445 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043a\u0430 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u0435\u043d.\n\n\u0411\u044b\u043b\u043e \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043e, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0435\u0442 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0437\u0430\u0432\u043b\u0430\u0434\u0435\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0447\u0435\u0440\u0435\u0437 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0438 \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u044b\u0432\u0430\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043b\u0430\u0431\u044b\u0445 \u0442\u0438\u043f\u043e\u0432 \u043f\u0430\u0440\u043e\u043b\u0435\u0439.\n\n\u0412 Cisco \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0438, \u043a\u0430\u043a 
\u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0442\u0440\u0430\u0444\u0438\u043a SNMP, TACACS \u0438 RADIUS, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0441\u0435\u043a\u0440\u0435\u0442\u043d\u044b\u0435 \u043a\u043b\u044e\u0447\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u043c\u0435\u0436\u0434\u0443 \u0441\u0435\u0442\u0435\u0432\u044b\u043c\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438 \u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 TACACS/RADIUS \u0434\u043b\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0415\u0449\u0435 \u043e\u0434\u043d\u0430 \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u044c Salt Typhoon \u043f\u043e\u0434\u0440\u0430\u0437\u0443\u043c\u0435\u0432\u0430\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 LOTL \u043d\u0430 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445, \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u044f \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043e\u0439 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u043f\u043e\u0440\u043d\u044b\u0445 \u0442\u043e\u0447\u0435\u043a \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0430 \u043e\u0442 \u043e\u0434\u043d\u043e\u0433\u043e 
\u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0433\u043e \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430 \u043a \u0434\u0440\u0443\u0433\u043e\u043c\u0443.\n\n\u041f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u044d\u0442\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u0440\u043e\u043c\u0435\u0436\u0443\u0442\u043e\u0447\u043d\u044b\u0445 \u0440\u0435\u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0442\u043e\u0440\u043e\u0432 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u043d\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u043e\u0439 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u0439 \u0446\u0435\u043b\u0438 \u0438\u043b\u0438 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u043d\u0437\u0438\u0442\u043d\u043e\u0433\u043e \u043f\u0443\u043d\u043a\u0442\u0430 \u0434\u043b\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u043f\u043e \u0443\u0442\u0435\u0447\u043a\u0435 \u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0438\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u044d\u0442\u043e \u0434\u0430\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0441\u0442\u0430\u0432\u0430\u0442\u044c\u0441\u044f \u043d\u0435\u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u043c \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0438\u043e\u0434\u0430 \u0432\u0440\u0435\u043c\u0435\u043d\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 
\u0442\u043e\u0433\u043e, Salt Typhoon \u043c\u0435\u043d\u044f\u043b\u0430 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 Guest Shell \u0438 \u0443\u043f\u0440\u043e\u0449\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0447\u0435\u0440\u0435\u0437 SSH.\n\n\u0422\u0430\u043a\u0436\u0435 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0443\u0442\u0438\u043b\u0438\u0442\u0430 JumbledPath, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0437\u0430\u0445\u0432\u0430\u0442 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 Cisco \u0447\u0435\u0440\u0435\u0437 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u0430\u043a\u0442\u0435\u0440\u043e\u043c jump-host.\n\n\u0414\u0432\u043e\u0438\u0447\u043d\u044b\u0439 \u0444\u0430\u0439\u043b ELF \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Go \u0442\u0430\u043a\u0436\u0435 \u0441\u043f\u043e\u0441\u043e\u0431\u0435\u043d \u043e\u0447\u0438\u0449\u0430\u0442\u044c \u0436\u0443\u0440\u043d\u0430\u043b\u044b \u0438 \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u0436\u0443\u0440\u043d\u0430\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0434\u043b\u044f \u0441\u043e\u043a\u0440\u044b\u0442\u0438\u044f \u0441\u043b\u0435\u0434\u043e\u0432 
\u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u0438 \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043a\u0440\u0438\u043c\u0438\u043d\u0430\u043b\u0438\u0441\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u043c\u0443 \u0430\u043d\u0430\u043b\u0438\u0437\u0443.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u0442\u043e\u0439 \u0443\u0442\u0438\u043b\u0438\u0442\u044b \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0441\u043a\u0440\u044b\u0442\u044c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0439 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a \u0438 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0439 \u043f\u0443\u043d\u043a\u0442 \u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u0437\u0430\u043f\u0440\u043e\u0441\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0435\u0433\u043e \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0443 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0430\u0442\u044c\u0441\u044f \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 (\u0438\u043b\u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0438\u0440\u0443\u0435\u043c\u044b\u0435) \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u043b\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043d\u0435\u043e\u0434\u043d\u043e\u043a\u0440\u0430\u0442\u043d\u043e \u0438\u0437\u043c\u0435\u043d\u044f\u043b \u0430\u0434\u0440\u0435\u0441 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0439 \u0441\u0432\u044f\u0437\u0438 \u043d\u0430 
\u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u0435 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u044d\u0442\u043e\u0442 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0430 SSH-\u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439 \u043a \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c \u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0440\u0435\u0434\u0435, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u043e \u0435\u043c\u0443 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0441\u043f\u0438\u0441\u043a\u0438 ACL, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u044d\u0442\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\nCisco \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u043d\u0435 \u043d\u0430\u0448\u043b\u0430 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u043a\u043e\u043c\u0430\u043d\u0434\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u043d\u0438\u044f, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0437\u0430 
\u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435\u043c \u0443\u0436\u0435 \u0444\u0438\u0433\u0443\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u0432 \u043e\u0442\u0447\u0435\u0442\u0430\u0445.\n\n\u041e\u0442\u0434\u0435\u043b\u044c\u043d\u043e \u043e\u0442\u043c\u0435\u0442\u0438\u0432, \u0447\u0442\u043e \u0432\u044b\u044f\u0432\u0438\u043b\u0430 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u043d\u0438\u0435 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Cisco \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u0439 Smart Install (SMI), \u0437\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2018-0171. \u041f\u0440\u0438\u0447\u0435\u043c \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u044f\u043a\u043e\u0431\u044b \u043d\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 Salt Typhoon \u0438 \u043d\u0435 \u0438\u043c\u0435\u0435\u0442 \u043e\u0431\u0449\u0438\u0445 \u0447\u0435\u0440\u0442 \u0441 \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u043e\u0439.", "creation_timestamp": "2025-02-24T17:30:56.000000Z"}, {"uuid": "d3a37a8c-860d-405c-b09c-9d86d4a5f5e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113504363889721502", "content": "", "creation_timestamp": "2024-11-18T14:12:27.208897Z"}, {"uuid": "a36f4351-75c3-4f7f-bc7c-8f54c3a74ccc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", 
"type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3li3k7rchui2m", "content": "", "creation_timestamp": "2025-02-13T20:38:47.897880Z"}, {"uuid": "d7400203-b0c6-4e45-8f2b-520caa4d920d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-1940605c-07471aeb152b8787", "content": "", "creation_timestamp": "2025-03-01T00:54:37.683580Z"}, {"uuid": "eeda4538-cb43-437c-9c49-53228adc15b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lifuxb6sgj2u", "content": "", "creation_timestamp": "2025-02-17T23:17:31.070102Z"}, {"uuid": "5f178f73-e24e-45b4-9d65-715a9301717d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lige6aldc22g", "content": "", "creation_timestamp": "2025-02-18T03:49:53.872976Z"}, {"uuid": "00088af3-ea31-4225-a653-5169f2e23a05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3ligs5dkk2s2h", "content": "", "creation_timestamp": "2025-02-18T07:59:54.951729Z"}, {"uuid": "9cb237f0-d04d-4060-9a8a-80ced3781de1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:48.000000Z"}, {"uuid": 
"7c8b7be6-e2dd-46a6-a092-5cb6d0611d0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-63bf87e2-c9a94cd991e03d23", "content": "", "creation_timestamp": "2025-05-04T06:54:42.276000Z"}, {"uuid": "527da46c-2fe9-4573-8e24-491e1cbe4916", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/cisco_ios_xe_rce.rb", "content": "", "creation_timestamp": "2023-11-08T15:22:03.000000Z"}, {"uuid": "b4bd5a9d-bf45-453b-bdd3-08a7d59598da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "MISP/3057b723-5fae-476d-b162-b0a1a9a63ac2", "content": "", "creation_timestamp": "2025-09-01T03:42:37.000000Z"}, {"uuid": "d51a77f5-70e7-43e7-afd4-f0b22c81c471", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b20afb65-0745-4292-9fae-3d42ff6b77d2", "content": "", "creation_timestamp": "2026-02-02T12:26:48.122271Z"}, {"uuid": "2dfdce08-7a0a-4bd6-bdb4-ee918a907775", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "published-proof-of-concept", "source": "https://t.me/ckuRED/337", "content": "A backdoor is implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software that has been modified by the threat actor so as to escape visibility via 
previous fingerprinting methods.\n\nThe attacks entail fashioning CVE-2023-20198 (CVSS score: 10.0) and CVE-2023-20273 (CVSS score: 7.2) into an exploit chain that grants the threat actor the ability to gain access to the devices, create a privileged account, and ultimately deploy a Lua-based implant on the devices.\n\nhttps://thehackernews.com/2023/10/backdoor-implant-on-hacked-cisco.html", "creation_timestamp": "2023-10-24T08:37:10.000000Z"}, {"uuid": "ee3ba26f-cc75-475a-8f0c-7c5f3e570286", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5613", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCisco IOS XE implant scanning & detection (CVE-2023-20198, CVE-2023-20273)\nURL\uff1ahttps://github.com/fox-it/cisco-ios-xe-implant-detection\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-30T13:53:31.000000Z"}, {"uuid": "5f3316c5-b6b9-4cd2-b78b-9cff02f7dfc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://t.me/poxek/3328", "content": "#cisco #cve #webshell #scanner #blueteam\n\n[ Cisco IOS XE Device Scanner for CVE-2023-20198 & CVE-2023-20273 ]\n\nWebshell fingerprinting scanner designed to identify implants on Cisco IOS XE WebUI's affected by CVE-2023-20198 and CVE-2023-20273. \n\nImportant! This is not a POC for exploitation. 
This is an OSINT/Blue Team/Research tool.\n\nAuthor: Shadow0ps\n\nhttps://github.com/Shadow0ps/CVE-2023-20198-Scanner", "creation_timestamp": "2023-10-25T00:16:14.000000Z"}, {"uuid": "2166cb7a-f2a2-47fd-9259-ee8851b5e4fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/BitLenta/19937", "content": "Cisco \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0435\u0449\u0435 \u043e\u0434\u043d\u0443 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 IOS XE\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Cisco \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f (CVE-2023-20273), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438 \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u043c\u0430\u043b\u0432\u0430\u0440\u0438 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 IOS XE, \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0434\u0440\u0443\u0433\u043e\u0439 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u2014 CVE-2023-20198. 
\u0412 \u043c\u0438\u043d\u0443\u0432\u0448\u0438\u0435 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435 \u043e\u0431\u0449\u0435\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043f\u0440\u0435\u0432\u044b\u0441\u0438\u043b\u043e 50 000.\n\nhttps://xakep.ru/2023/10/23/cisco-ios-xe-attacks-and-0day/", "creation_timestamp": "2023-10-23T17:15:56.000000Z"}, {"uuid": "1168d666-71f7-4d35-8cfb-8a01d60ed18d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "published-proof-of-concept", "source": "Telegram/oE3hWCiKh5wLcwBqXtReTyW_wZVOp6ZWWNV5yZkxf5aH", "content": "", "creation_timestamp": "2023-10-24T15:55:42.000000Z"}, {"uuid": "eb611c0a-84e1-41b9-82cc-dd7824708d07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://t.me/arpsyndicate/1705", "content": "#ExploitObserverAlert\n\nCVE-2023-20198\n\nDESCRIPTION: Exploit Observer has 170 entries related to CVE-2023-20198. Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal user access. The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system. Cisco has assigned CVE-2023-20273 to this issue. 
CVE-2023-20198 has been assigned a CVSS Score of 10.0. CVE-2023-20273 has been assigned a CVSS Score of 7.2. Both of these CVEs are being tracked by CSCwh87343.\n\nFIRST-EPSS: 0.890740000\nNVD-IS: 6.0\nNVD-ES: 3.9", "creation_timestamp": "2023-12-11T05:40:52.000000Z"}, {"uuid": "31544c03-1bdc-4b67-81c5-ae9882b0d544", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://t.me/arpsyndicate/1583", "content": "#ExploitObserverAlert\n\nCVE-2023-20273\n\nDESCRIPTION: Exploit Observer has 8 entries related to CVE-2023-20273. A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.\n\nFIRST-EPSS: 0.060170000\nNVD-IS: 5.9\nNVD-ES: 1.2", "creation_timestamp": "2023-12-10T00:29:54.000000Z"}, {"uuid": "efbcaef2-7d81-45c1-a557-5f0ca1835990", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://t.me/arpsyndicate/1588", "content": "#ExploitObserverAlert\n\nCVE-2023-20198\n\nDESCRIPTION: Exploit Observer has 170 entries related to CVE-2023-20198. Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. 
The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal user access. The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system. Cisco has assigned CVE-2023-20273 to this issue. CVE-2023-20198 has been assigned a CVSS Score of 10.0. CVE-2023-20273 has been assigned a CVSS Score of 7.2. Both of these CVEs are being tracked by CSCwh87343.\n\nFIRST-EPSS: 0.890740000\nNVD-IS: 6.0\nNVD-ES: 3.9", "creation_timestamp": "2023-12-10T01:04:13.000000Z"}, {"uuid": "efde5638-02f4-4709-a470-0ac010e67f8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "Telegram/8QclPQdNk2tBDh7iCM6hN4Ie8GbuWM6CcrUhxJ5Rr7asPg", "content": "", "creation_timestamp": "2023-10-21T07:53:13.000000Z"}, {"uuid": "3d69eb18-09f8-4fad-8ed4-59fadae84a44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/136", "content": "\ud83d\udea8 Cisco issued an alert about a new zero-day vulnerability in IOS XE (CVE-2023-20273). Attackers are actively exploiting it to install a malicious Lua-based implant on vulnerable devices. 
\n \nLearn more: https://thehackernews.com/2023/10/cisco-zero-day-exploited-to-implant.html", "creation_timestamp": "2023-10-21T09:45:03.000000Z"}, {"uuid": "94b037fd-a31d-40d0-b7d7-d90963d3fb1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3549", "content": "https://paper.seebug.org/3072\n\nCisco IOS XE system WebUI unauthorized command execution vulnerability analysis\n\nCVE-2023-20198, CVE-2023-20273", "creation_timestamp": "2023-11-13T14:07:17.000000Z"}, {"uuid": "91e58ac2-1cc0-4e63-a33e-69be16c5bcf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "published-proof-of-concept", "source": "Telegram/ppcOiv6RtqIsp9O_R3AbX8SB1ZHSBDPbm6DWSuD3b8Rf", "content": "", "creation_timestamp": "2023-11-13T14:54:21.000000Z"}, {"uuid": "4272c87a-f2aa-494f-b55c-d4671559cddb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/true_secator/5057", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0437\u0430 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0435\u0439 Cisco IOS XE 0-day.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Cisco Talos \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043f\u043e \u044d\u0442\u043e\u043c\u0443 \u043f\u043e\u0432\u043e\u0434\u0443 \u043e\u0442\u0447\u0435\u0442, \u0433\u0434\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 BadCandy, 
\u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430\u0442\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Lua, \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u043e\u0433\u043e \u043d\u0430 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445 Cisco IOS XE \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0434\u0432\u0443\u0445 \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0445 CVE-2023-20198 \u0438 CVE-2023-20273.\n\n\u0410\u043a\u0442\u0438\u0432\u043d\u044b\u0439 \u043f\u0440\u0438\u0440\u043e\u0441\u0442 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0441\u044f \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 POC 30 \u0438 31 \u043e\u043a\u0442\u044f\u0431\u0440\u044f.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043e\u0431\u0438\u0440\u0430\u043b \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0438 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u043b \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0443, \u043e\u0447\u0438\u0449\u0430\u044f \u0436\u0443\u0440\u043d\u0430\u043b\u044b \u0438 \u0443\u0434\u0430\u043b\u044f\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0447\u0442\u043e\u0431\u044b \u0441\u043a\u0440\u044b\u0442\u044c \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u0441\u0432\u043e\u0435\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c, \u0441 
\u043d\u0430\u0447\u0430\u043b\u0430 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u0434\u0432\u0430 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u044c\u044e \u0443\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u044b \u043e\u0434\u043d\u0438\u043c \u0438 \u0442\u0435\u043c \u0436\u0435 \u0441\u0443\u0431\u044a\u0435\u043a\u0442\u043e\u043c.\n\n\u041f\u0435\u0440\u0432\u044b\u0439 \u043a\u043b\u0430\u0441\u0442\u0435\u0440, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e, \u0431\u044b\u043b \u043f\u0435\u0440\u0432\u043e\u0439 \u043f\u043e\u043f\u044b\u0442\u043a\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u043f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0432\u043e\u0439 \u043a\u043e\u0434, \u0432 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a \u043e\u043a\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f, \u0441\u0443\u0434\u044f \u043f\u043e \u0432\u0441\u0435\u043c\u0443, \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0440\u0430\u0441\u0448\u0438\u0440\u0438\u043b \u0441\u0432\u043e\u044e \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0432\u043a\u043b\u044e\u0447\u0438\u0432 \u0432 \u043d\u0435\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 
\u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430\u0442\u0430.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0441\u0435\u0439\u0447\u0430\u0441 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u0438\u043c\u0435\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u044e 3, \u0447\u0442\u043e \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0443\u0435\u0442 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0432\u0441\u0435 \u0435\u0449\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u044e\u0442 \u0441\u0432\u043e\u0438 \u0430\u0442\u0430\u043a\u0438 \u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e, \u0447\u0442\u043e\u0431\u044b \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c.\n\n\u041d\u043e\u0432\u044b\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430\u0442\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0442\u044c \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f HTTP-\u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u043e\u0432 \u00abAuthorization\u00bb 
\u0438\u043b\u0438 \u00abX-Csrf-Token\u00bb, \u0447\u0442\u043e \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u043e\u0431\u0445\u043e\u0434\u0430 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 v3, \u043f\u043e\u0445\u043e\u0436\u0435, \u0441\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 Shadowserver Foundation \u043f\u0440\u0435\u043a\u0440\u0430\u0442\u0438\u043b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0442\u044c\u00a0\u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\nIOC \u0434\u043b\u044f \u0443\u0433\u0440\u043e\u0437\u044b \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u0439\u0442\u0438 \u043d\u0430 GitHub (\u0437\u0434\u0435\u0441\u044c), \u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2023-11-07T19:10:06.000000Z"}, {"uuid": "abac44eb-856a-49a7-a016-2758bbbf39d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/true_secator/5006", "content": "\u0412\u043b\u0438\u044f\u043d\u0438\u0435 0-day Cisco IOS XE \u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0435\u0449\u0435 \u0448\u0438\u0440\u0435, \u0447\u0435\u043c 
\u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u043e\u0441\u044c.\n\nRockwell Automation \u043e\u0431\u0440\u0430\u0442\u0438\u043b\u0430\u0441\u044c \u043a \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0441 \u043d\u043e\u0432\u043e\u0441\u0442\u044c\u044e \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f 0-day \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u0435 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u044b Stratix.\n\n\u041a\u0430\u043a \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0434\u0432\u0435 0-day \u0432 Cisco IOS XE (CVE-2023-20198 \u0438 CVE-2023-20273), \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430\u0442\u0430 Lua, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439.\n\n\u0418\u043d\u0444\u043e\u0441\u0435\u043a-\u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u043e\u00a0\u0434\u0435\u0441\u044f\u0442\u043a\u0438 
\u0442\u044b\u0441\u044f\u0447 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u00a0\u0432\u0441\u043a\u043e\u0440\u0435 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a Cisco \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u043f\u0435\u0440\u0432\u043e\u0439 \u0430\u0442\u0430\u043a\u0435 0-day Cisco IOS XE.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Rockwell \u0442\u0430\u043a\u0436\u0435 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u0435\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0435 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u0435 Ethernet-\u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u044b Stratix 5800 \u0438 5200, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u041e\u0421 Cisco IOS XE, \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-20198.\n\n\u041d\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u044b \u0432\u043b\u0438\u044f\u043d\u0438\u044e \u043b\u0438\u0448\u044c \u0432 \u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435, \u0435\u0441\u043b\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044f \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 IOS XE.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0432 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 Rockwell\u00a0\u0432\u044b\u0448\u043b\u0438 \u0434\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f 
\u0432\u0442\u043e\u0440\u043e\u0433\u043e 0-day,\u00a0\u0432 \u043d\u0438\u0445 \u043d\u0438\u0447\u0435\u0433\u043e \u043d\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442\u0441\u044f \u043f\u0440\u043e\u00a0CVE-2023-20273, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430\u0442\u0430.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0438 \u041f\u041e IOS XE \u043d\u0430 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u0430\u0445 Rockwell.\n\n\u0425\u043e\u0442\u044f Rockwell \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u043d\u0435\u0442, Cisco \u0432\u0441\u0435 \u0436\u0435 \u0441\u043c\u043e\u0433\u043b\u0430 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043f\u0440\u0430\u0432\u0434\u0430 \u0443\u0436\u0435 \u043f\u043e\u0441\u043b\u0435 \u0438\u0445 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u043e\u0432 \u043f\u043e\u043e\u0431\u0435\u0449\u0430\u043b \u043f\u043e\u0434\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u043f\u043e \u043c\u0435\u0440\u0435 \u043f\u043e\u0441\u0442\u0443\u043f\u043b\u0435\u043d\u0438\u044f 
\u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u043d\u043e \u043e\u0442\u043c\u0435\u0442\u0438\u043b, \u0447\u0442\u043e \u0435\u043c\u0443 \u043d\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u0435\u0433\u043e \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b.\n\n\u041d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043f\u043e\u043a\u0430 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043d\u0435\u044f\u0441\u043d\u043e\u0439 \u043a\u043e\u043d\u0435\u0447\u043d\u0430\u044f \u0446\u0435\u043b\u044c \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438.\n\n\u041f\u0440\u0438 \u0442\u043e\u043c, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u00a0\u0434\u0435\u0441\u044f\u0442\u043a\u0438 \u0442\u044b\u0441\u044f\u0447 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 \u0438 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u043e\u0432 Cisco, \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u044f \u0441\u0432\u043e\u0439 \u0438\u043c\u043f\u043b\u0430\u043d\u0442 \u0434\u043b\u044f \u043f\u0435\u0440\u0441\u0438\u0441\u0442\u0435\u043d\u0442\u043d\u043e\u0441\u0442\u0438.\n\n\u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2023-10-25T15:30:05.000000Z"}, {"uuid": "9801ef37-4f61-4e3c-8362-b220f0fcf731", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20271", "type": "seen", "source": "https://t.me/ctinow/174982", "content": "https://ift.tt/NV2uH8B\nCVE-2023-20271 | Cisco Evolved Programmable Network Manager Web-based Management Interface sql injection (cisco-sa-pi-epnm-wkZJeyeq)", "creation_timestamp": "2024-01-28T16:56:18.000000Z"}, {"uuid": "aacd382e-1151-4fd5-bd6e-5185a34b4f07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20271", "type": "seen", "source": "https://t.me/ctinow/169402", "content": "https://ift.tt/lP0SYfg\nCVE-2023-20271", "creation_timestamp": "2024-01-17T18:27:11.000000Z"}, {"uuid": "10288ed2-9678-4cf1-84c3-1a49993314c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20275", "type": "seen", "source": "https://t.me/ctinow/159059", "content": "https://ift.tt/2aVnO7v\nCVE-2023-20275 | Cisco ASA/Firepower Threat Defense Software VPN Packet Validation unknown vulnerability (cisco-sa-asa-ssl-vpn-Y88QOm77)", "creation_timestamp": "2023-12-24T16:51:49.000000Z"}, {"uuid": "b6293f7f-8218-4448-bcc5-db1124388c0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/xakep_ru/14881", "content": "Cisco \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0435\u0449\u0435 \u043e\u0434\u043d\u0443 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 IOS XE\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Cisco \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f (CVE-2023-20273), 
\u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438 \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u043c\u0430\u043b\u0432\u0430\u0440\u0438 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 IOS XE, \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0434\u0440\u0443\u0433\u043e\u0439 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u2014 CVE-2023-20198. \u0412 \u043c\u0438\u043d\u0443\u0432\u0448\u0438\u0435 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435 \u043e\u0431\u0449\u0435\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043f\u0440\u0435\u0432\u044b\u0441\u0438\u043b\u043e 50 000.\n\nhttps://xakep.ru/2023/10/23/cisco-ios-xe-attacks-and-0day/", "creation_timestamp": "2023-10-23T18:38:02.000000Z"}, {"uuid": "d4351750-e561-4f45-bf34-4ad1883f784d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "80b71d0b-3c4a-46d5-9c9f-b22fb73ce48c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:50.000000Z"}, {"uuid": "e27dff98-607f-422f-8ecd-b8baaab93d9a", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/114002437177842915", "content": "", "creation_timestamp": "2025-02-14T13:19:04.928893Z"}, {"uuid": "5669b22e-22e9-4941-ad0c-1ffd272845d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3li5c4jytkk25", "content": "", "creation_timestamp": "2025-02-14T13:19:09.644959Z"}, {"uuid": "2a47de83-1ea7-41d4-8300-5286a370a39c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3li77oxasvo2o", "content": "", "creation_timestamp": "2025-02-15T07:41:05.382229Z"}, {"uuid": "6d0da6ca-c37d-45ab-9094-85ac76aa8989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/115491438782198273", "content": "", "creation_timestamp": "2025-11-04T12:31:43.338490Z"}, {"uuid": "379e0362-0964-4fca-938f-3feb5e5fa5c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/cisco_ios_xe_os_exec_cve_2023_20273.rb", "content": "", "creation_timestamp": "2023-11-08T15:22:03.000000Z"}, {"uuid": "e92fd0fb-3d60-4ea5-b049-4696ecb5ad6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", 
"vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-0cc0a2cc-984ab59dd0761b42", "content": "", "creation_timestamp": "2025-08-29T07:38:09.454614Z"}, {"uuid": "664b57dd-40bc-437d-9f75-677e6e48f363", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "MISP/3057b723-5fae-476d-b162-b0a1a9a63ac2", "content": "", "creation_timestamp": "2025-08-28T15:41:49.000000Z"}, {"uuid": "76057882-90b8-4b15-9402-47e55bdfb064", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11807", "content": "A backdoor is implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software that has been modified by the threat actor so as to escape visibility via previous fingerprinting methods.\n\nThe attacks entail fashioning CVE-2023-20198 (CVSS score: 10.0) and CVE-2023-20273 (CVSS score: 7.2) into an exploit chain that grants the threat actor the ability to gain access to the devices, create a privileged account, and ultimately deploy a Lua-based implant on the devices.\n\nhttps://thehackernews.com/2023/10/backdoor-implant-on-hacked-cisco.html", "creation_timestamp": "2023-10-24T08:37:17.000000Z"}, {"uuid": "4ed76697-c53c-4a0e-a871-916ae995d5cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://t.me/codeby_sec/9384", "content": "\ud83c\udde8\ud83c\uddf3 \u041a\u0438\u0442\u0430\u0439\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 \u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 
\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \n\n\ud83d\udc32 \u041a\u0438\u0442\u0430\u0439\u0441\u043a\u0430\u044f APT-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 Salt Typhoon \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043b 600 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\ud83c\udf0e \u0414\u0430\u043d\u043d\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0441\u0432\u043e\u0438 \u0430\u0442\u0430\u043a\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u0441\u0435\u0442\u0438 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u0441\u0444\u0435\u0440\u0435 \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u0439, \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u0430, \u0433\u043e\u0441\u0442\u0438\u043d\u0438\u0447\u043d\u043e\u0433\u043e \u0431\u0438\u0437\u043d\u0435\u0441\u0430 \u0438 \u0432\u043e\u0435\u043d\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b.\n\n\ud83c\udfe2 \u0412 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 , \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u043c \u0432\u043b\u0430\u0441\u0442\u044f\u043c\u0438 13 
\u0441\u0442\u0440\u0430\u043d, \u0433\u043e\u0432\u043e\u0440\u0438\u0442\u0441\u044f, \u0447\u0442\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0442\u0440\u0435\u043c\u044f \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c\u0438: Sichuan Juxinhe Network Technology Co., Ltd., Beijing Huanyu Tianqiong Information Technology Co., Ltd. \u0438 Sichuan Zhixin Ruijie Network Technology Co., Ltd.\n\n\ud83d\udc69\u200d\ud83d\udcbb Salt Typhoon \u0431\u044b\u043b \u0437\u0430\u043c\u0435\u0447\u0435\u043d \u043f\u0440\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0438 \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043f\u0443\u0442\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043f\u0435\u0440\u0438\u0444\u0435\u0440\u0438\u0439\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043e\u0442 Cisco ( CVE-2018-0171 , CVE-2023-20198 \u0438 CVE-2023-20273 ), Ivanti ( CVE-2023-46805 \u0438 CVE-2024-21887 ) \u0438 Palo Alto Networks ( CVE-2024-3400 ).", "creation_timestamp": "2025-09-12T15:42:01.000000Z"}, {"uuid": "e5e1f210-3608-4b95-b609-205c9ba89c2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/BleepingComputer/18677", "content": "Latest news and stories from BleepingComputer.com\nCisco patches IOS XE zero-days used to hack over 50,000 devices\n\nCisco has addressed the two vulnerabilities (CVE-2023-20198 and CVE-2023-20273) that hackers exploited to compromise tens of 
thousands of IOS XE devices over the past week. [...]", "creation_timestamp": "2023-10-23T14:11:01.000000Z"}, {"uuid": "114816eb-9c54-440c-8c62-bc65c284f007", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "published-proof-of-concept", "source": "Telegram/CzSF1TM8B284mF_zuVLRxNq9i7Hq8pkW9O9CGGHI9UhB9g", "content": "", "creation_timestamp": "2023-12-12T02:35:24.000000Z"}, {"uuid": "9340ebd6-1e5a-4143-ab31-f60177a60526", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/2007", "content": "\ud83d\udea8 Cisco issued an alert about a new zero-day vulnerability in IOS XE (CVE-2023-20273). Attackers are actively exploiting it to install a malicious Lua-based implant on vulnerable devices. \n \nLearn more: https://thehackernews.com/2023/10/cisco-zero-day-exploited-to-implant.html", "creation_timestamp": "2023-10-21T09:45:03.000000Z"}, {"uuid": "de4141e0-fb76-46de-bd8d-4b8ef0a05c8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://t.me/arpsyndicate/1234", "content": "#ExploitObserverAlert\n\nCVE-2023-20273\n\nDESCRIPTION: Exploit Observer has 8 entries related to CVE-2023-20273. A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. 
A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.\n\nFIRST-EPSS: 0.060170000\nNVD-IS: 5.9\nNVD-ES: 1.2", "creation_timestamp": "2023-12-04T15:01:51.000000Z"}, {"uuid": "ed34f431-cf61-4bd6-8674-146489bd2a8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://t.me/arpsyndicate/2881", "content": "#ExploitObserverAlert\n\nCVE-2023-20273\n\nDESCRIPTION: Exploit Observer has 10 entries in 3 file formats related to CVE-2023-20273. A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.\n\nFIRST-EPSS: 0.060170000\nNVD-IS: 5.9\nNVD-ES: 1.2", "creation_timestamp": "2024-01-16T20:13:28.000000Z"}, {"uuid": "3f56496c-ad25-4906-b665-d063a4bfab0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://t.me/arpsyndicate/1786", "content": "#ExploitObserverAlert\n\nCVE-2023-20198\n\nDESCRIPTION: Exploit Observer has 170 entries related to CVE-2023-20198. Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. 
The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal user access. The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system. Cisco has assigned CVE-2023-20273 to this issue. CVE-2023-20198 has been assigned a CVSS Score of 10.0. CVE-2023-20273 has been assigned a CVSS Score of 7.2. Both of these CVEs are being tracked by CSCwh87343.\n\nFIRST-EPSS: 0.890740000\nNVD-IS: 6.0\nNVD-ES: 3.9", "creation_timestamp": "2023-12-12T01:30:08.000000Z"}, {"uuid": "8f7d171d-6c3f-4858-b006-53cef785dfa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/ZeroDay_TM/799", "content": "\ud83d\udea8 Cisco issued an alert about a new zero-day vulnerability in IOS XE (CVE-2023-20273). Attackers are actively exploiting it to install a malicious Lua-based implant on vulnerable devices. 
\n \nLearn more: https://thehackernews.com/2023/10/cisco-zero-day-exploited-to-implant.html\n\n- - - - - - - - - - - - - - - - - - - -\n-=[ @ZeroDay_TM ]=-", "creation_timestamp": "2023-10-22T10:24:30.000000Z"}, {"uuid": "e5095c87-6a46-42dd-9b33-10dfde8c37e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/true_secator/5173", "content": "Cisco \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430\u00a0\u043e\u0448\u0438\u0431\u043a\u0443 Firepower VPN, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-20275 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 AnyConnect SSL VPN \u0432 \u041f\u041e Adaptive Security Appliance (ASA) \u0438 Firepower Threat Defense (FTD).\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u044b \u0441 \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c IP-\u0430\u0434\u0440\u0435\u0441\u043e\u043c \u0434\u0440\u0443\u0433\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f VPN. 
\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043e\u0431\u0440\u0430\u0442\u043d\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b.\n\nCisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u041f\u041e, \u043e\u0442\u043c\u0435\u0442\u0438\u0432 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0445 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c.\u00a0\u0412 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u043e\u0441\u044c, \u043d\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0443\u0436\u0435 \u0432\u043d\u0438\u043c\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0437\u0443\u0447\u0430\u044e\u0442\u0441\u044f \u0432 \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u0435.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u043d\u043e\u0432\u044b\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438, \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Cisco IOS XE - CVE-2023-20198 (CVSS 10) \u0438 CVE-2023-20273 (CVSS 7,2), 
\u0443\u0432\u0435\u043b\u0438\u0447\u0438\u0432\u0430\u044f \u0447\u0438\u0441\u043b\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u043e \u0447\u0435\u043c \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 Shadowserver Foundation.\n\n\u0412 \u0445\u043e\u0434\u0435 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0445 \u0430\u0442\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0431\u0430\u0433\u0438 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0431\u044d\u043a\u0434\u043e\u0440\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Lua \u0434\u043b\u044f \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432. 
\n\n\u0422\u043e\u0433\u0434\u0430 \u0447\u0438\u0441\u043b\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u043e\u0432 \u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u043b\u043e 50 000, \u043f\u0440\u0438\u0447\u0435\u043c\u00a0\u043e\u043a\u043e\u043b\u043e 40 000 \u0432\u0441\u0435 \u0435\u0449\u0435 \u0431\u044b\u043b\u0438 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u044b \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u043d\u0435\u0439 \u0441\u043f\u0443\u0441\u0442\u044f, \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0438 \u0441\u0432\u043e\u0439 \u0438\u043c\u043f\u043b\u0430\u043d\u0442.\n\n\u0418, \u043f\u043e \u0441\u0432\u0435\u0436\u0438\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u0431\u043e\u043b\u0435\u0435 23 000 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Cisco IOS XE \u0432\u0441\u0435 \u0435\u0449\u0435 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u044b \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u043c BadCandy.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0447\u0438\u0441\u043b\u043e \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u0439 \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u043e \u0441\u043d\u0438\u0436\u0430\u043b\u043e\u0441\u044c \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u043d\u043e\u044f\u0431\u0440\u044f \u0434\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u043a\u043e\u0433\u0434\u0430 \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u0435\u043b \u043d\u043e\u0432\u044b\u0439 \u0432\u0441\u043f\u043b\u0435\u0441\u043a, 
\u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0432 \u041c\u0435\u043a\u0441\u0438\u043a\u0435 \u0438 \u0427\u0438\u043b\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u043e\u043c \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u0441\u0435\u0440\u0438\u0438 \u0430\u0442\u0430\u043a.", "creation_timestamp": "2023-12-07T11:51:04.000000Z"}, {"uuid": "4f76b404-f26a-439e-8054-f2260dbafc74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20275", "type": "exploited", "source": "https://t.me/true_secator/5173", "content": "Cisco \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430\u00a0\u043e\u0448\u0438\u0431\u043a\u0443 Firepower VPN, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-20275 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 AnyConnect SSL VPN \u0432 \u041f\u041e Adaptive Security Appliance (ASA) \u0438 Firepower Threat Defense (FTD).\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u044b \u0441 \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c IP-\u0430\u0434\u0440\u0435\u0441\u043e\u043c 
\u0434\u0440\u0443\u0433\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f VPN. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043e\u0431\u0440\u0430\u0442\u043d\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b.\n\nCisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u041f\u041e, \u043e\u0442\u043c\u0435\u0442\u0438\u0432 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0445 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c.\u00a0\u0412 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u043e\u0441\u044c, \u043d\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0443\u0436\u0435 \u0432\u043d\u0438\u043c\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0437\u0443\u0447\u0430\u044e\u0442\u0441\u044f \u0432 \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u0435.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u043d\u043e\u0432\u044b\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438, \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0435 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Cisco IOS XE - CVE-2023-20198 (CVSS 10) \u0438 CVE-2023-20273 (CVSS 7,2), \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u0432\u0430\u044f \u0447\u0438\u0441\u043b\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u043e \u0447\u0435\u043c \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 Shadowserver Foundation.\n\n\u0412 \u0445\u043e\u0434\u0435 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0445 \u0430\u0442\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0431\u0430\u0433\u0438 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0431\u044d\u043a\u0434\u043e\u0440\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Lua \u0434\u043b\u044f \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432. 
\n\n\u0422\u043e\u0433\u0434\u0430 \u0447\u0438\u0441\u043b\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u043e\u0432 \u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u043b\u043e 50 000, \u043f\u0440\u0438\u0447\u0435\u043c\u00a0\u043e\u043a\u043e\u043b\u043e 40 000 \u0432\u0441\u0435 \u0435\u0449\u0435 \u0431\u044b\u043b\u0438 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u044b \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u043d\u0435\u0439 \u0441\u043f\u0443\u0441\u0442\u044f, \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0438 \u0441\u0432\u043e\u0439 \u0438\u043c\u043f\u043b\u0430\u043d\u0442.\n\n\u0418, \u043f\u043e \u0441\u0432\u0435\u0436\u0438\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u0431\u043e\u043b\u0435\u0435 23 000 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Cisco IOS XE \u0432\u0441\u0435 \u0435\u0449\u0435 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u044b \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u043c BadCandy.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0447\u0438\u0441\u043b\u043e \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u0439 \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u043e \u0441\u043d\u0438\u0436\u0430\u043b\u043e\u0441\u044c \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u043d\u043e\u044f\u0431\u0440\u044f \u0434\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u043a\u043e\u0433\u0434\u0430 \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u0435\u043b \u043d\u043e\u0432\u044b\u0439 \u0432\u0441\u043f\u043b\u0435\u0441\u043a, 
\u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0432 \u041c\u0435\u043a\u0441\u0438\u043a\u0435 \u0438 \u0427\u0438\u043b\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u043e\u043c \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u0441\u0435\u0440\u0438\u0438 \u0430\u0442\u0430\u043a.", "creation_timestamp": "2023-12-07T11:51:04.000000Z"}, {"uuid": "78feae64-70ce-4b74-bc50-84d67b64486d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "exploited", "source": "https://t.me/true_secator/4999", "content": "\u041a\u0430\u043a \u0441\u043c\u043e\u0433\u043b\u0438 \u0432\u044b\u044f\u0441\u043d\u0438\u0442\u044c Fox-IT NCC Group, \u0431\u044d\u043a\u0434\u043e\u0440 Lua, \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u043d\u044b\u0439 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Cisco \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0430\u0440\u044b 0-day \u0432 IOS XE (CVE-2023-20198 \u0438\u00a0CVE-2023-20273), \u0431\u044b\u043b \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0434\u043b\u044f \u0441\u043e\u043a\u0440\u044b\u0442\u0438\u044f \u043e\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f. 
\n\n\u0412\u044b\u044f\u0432\u0438\u0442\u044c \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u0443\u044e \u043d\u0430\u043c\u0438 \u0432\u0447\u0435\u0440\u0430 \u0430\u043d\u043e\u043c\u0430\u043b\u0438\u044e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0441\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u043d\u0430 \u043c\u043d\u043e\u0433\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0438\u043c\u043f\u043b\u0430\u043d\u0442 \u0432\u0441\u0435 \u0435\u0449\u0435 \u0430\u043a\u0442\u0438\u0432\u0435\u043d, \u043d\u043e \u0442\u0435\u043f\u0435\u0440\u044c \u043e\u0442\u0432\u0435\u0447\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435, \u0435\u0441\u043b\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0439 HTTP-\u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043e\u043a \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438.\n\n\u0412\u0441\u0435 \u044d\u0442\u043e \u043e\u0431\u044a\u044f\u0441\u043d\u044f\u0435\u0442 \u043f\u043e\u0447\u0435\u043c\u0443 \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u043d\u0435\u0439\u00a0\u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 
\u0440\u0435\u0437\u043a\u043e\u00a0\u0443\u043f\u0430\u043b\u043e\u00a0\u0441 40 000 \u0434\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0441\u043e\u0442\u0435\u043d, \u0447\u0442\u043e \u0438 \u043f\u0440\u0438\u0432\u0435\u043b\u043e \u043a \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c \u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u043c \u0432\u043d\u0435\u0441\u0435\u043d\u0435\u043d\u0438\u0438 \u0430\u043a\u0442\u043e\u0440\u043e\u043c \u043a\u0430\u043a\u0438\u0445-\u0442\u043e\u00a0\u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439, \u0447\u0442\u043e\u0431\u044b \u0441\u043a\u0440\u044b\u0442\u044c \u0435\u0433\u043e \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, Fox-IT \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0447\u0438\u0441\u043b\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432\u0441\u0435 \u0435\u0449\u0435 \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u0435\u0442 37 000.\n\nCisco, \u0441\u043e \u0441\u0432\u043e\u0435\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u044b, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430\u00a0\u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435\u00a0\u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0437\u043b\u043e\u0432\u0440\u0435\u0434\u0430\u00a0\u0432 \u0441\u0432\u043e\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445, \u043f\u043e\u0434\u0435\u043b\u0438\u0432\u0448\u0438\u0441\u044c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 
\u0440\u0430\u0431\u043e\u0447\u0435\u0439 \u0441\u0442\u0430\u043d\u0446\u0438\u0438 \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430\u0442\u0430.", "creation_timestamp": "2023-10-24T14:29:43.000000Z"}, {"uuid": "fb883559-8a7e-4dd4-a436-eb016edef6c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://t.me/true_secator/4993", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u0442\u044c \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044e \u0441 \u0430\u0442\u0430\u043a\u0430\u043c\u0438 Cisco IOS XE 0-day, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435 \u043a\u0430\u0440\u0434\u0438\u043d\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0435\u043e\u0431\u0440\u0430\u0437\u0438\u043b\u0430\u0441\u044c.\n\n\u0415\u0441\u043b\u0438 \u0432 \u0432\u043a\u0440\u0430\u0442\u0446\u0435, \u0442\u043e \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0441 28 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u044c\u0442\u0441\u044f \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0430\u044f \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2023-20198 \u0432 \u043f\u0430\u043d\u0435\u043b\u0438 \u0432\u0435\u0431-\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f IOS XE, \u043a\u043e\u0442\u043e\u0440\u0443\u044e 16 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430 Cisco.\n\n0-day \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b 
\u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0441 \u0441\u0430\u043c\u044b\u043c \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u0439 \u0432 \u0441\u0435\u0442\u0438 \u043f\u0430\u043d\u0435\u043b\u044c\u044e WebUI.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u0430\u0442\u0430\u043a \u043f\u0440\u0438\u0432\u0435\u043b\u043e \u043a \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044e \u0432\u0442\u043e\u0440\u043e\u0439 0-day, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u0443\u044e \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0432 IOS XE \u043a\u043e\u043c\u0430\u043d\u0434, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u043b\u0438\u0441\u044c \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root.\n\n\u0412 Cisco \u0437\u0430\u044f\u0432\u0438\u043b\u0438, \u0447\u0442\u043e \u0446\u0435\u043f\u043e\u0447\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 
\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0431\u044d\u043a\u0434\u043e\u0440\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Lua \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\u0418 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0441\u0447\u0438\u0442\u0430\u043b\u0438 \u0432\u0442\u043e\u0440\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0439 \u0432 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0431\u0430\u0433\u043e\u0439 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432 2021 \u0433\u043e\u0434\u0443 CVE-2021-1435. \u041d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u0435\u0439 \u043e\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0434\u0440\u0443\u0433\u0430\u044f 0-day, \u043e\u0442\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u0442\u0435\u043f\u0435\u0440\u044c \u043a\u0430\u043a CVE-2023-20273.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, CVE-2021-1435 \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u043d\u043e \u0432 \u0434\u0440\u0443\u0433\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0438 \u0434\u0440\u0443\u0433\u0438\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0441\u0430\u043c\u043e\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e\u0435, \u0447\u0442\u043e \u0441 \u043a\u043e\u043d\u0446\u0430 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 
\u043d\u0430\u0447\u0430\u043b \u0438\u0441\u0447\u0435\u0437\u0430\u0442\u044c \u0431\u044d\u043a\u0434\u043e\u0440 Lua, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0441\u044f \u043d\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0435 Cisco IOS XE.\n\n\u041f\u043e \u043e\u0446\u0435\u043d\u043a\u0430\u043c Censys \u0438 Shadowserver, \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 IOS XE \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u043b\u043e \u0434\u043e 42 000 \u0438 \u0434\u0430\u0436\u0435 \u0431\u043e\u043b\u0435\u0435, \u043d\u043e \u0432 \u044d\u0442\u0438 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435 \u043e\u043d\u043e \u0432\u043d\u0435\u0437\u0430\u043f\u043d\u043e \u043d\u0435 \u0443\u043f\u0430\u043b\u043e \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0434\u043e\u00a0500-1000.\n\n\u041a\u0430\u043a \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u044d\u0442\u043e \u0431\u044b\u043b\u043e \u0432\u044b\u0437\u0432\u0430\u043d\u043e \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f\u043c\u0438 \u0441\u0430\u043c\u043e\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430, \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u0430\u044f \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044d\u043a\u0434\u043e\u0440\u0430 \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u043b\u0430 \u0441\u043b\u0438\u0448\u043a\u043e\u043c \u043c\u043d\u043e\u0433\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u043a \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u0430 \u0441\u0430\u043c \u043e\u043d \u043e\u0431\u043b\u0430\u0434\u0430\u043b 
\u043d\u0438\u0437\u043a\u043e\u0439 \u043f\u0435\u0440\u0441\u0438\u0441\u0442\u0435\u043d\u0442\u043d\u043e\u0441\u0442\u044c\u044e.\n\n\u041d\u043e \u043d\u0435 \u0438\u0441\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0432\u0441\u0435 \u044d\u0442\u043e \u043c\u043e\u0433\u043b\u043e \u0441\u043e\u043f\u0440\u043e\u0432\u043e\u0436\u0434\u0430\u0442\u044c\u0441\u044f \u0434\u0440\u0443\u0433\u0438\u043c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u043c \u0431\u043e\u043b\u0435\u0435 \u0433\u043b\u0443\u0431\u043e\u043a\u043e\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u043a\u0430\u043a \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0441 Barracuda.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0441\u043e\u0431\u044b\u0442\u0438\u044f, Cisco \u043d\u0430\u043a\u043e\u043d\u0435\u0446-\u0442\u043e \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u00a0\u0434\u043b\u044f \u043e\u0431\u043e\u0438\u0445 0-day.\n\n\u041f\u0440\u0430\u0432\u0434\u0430, \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0432 \u044d\u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u0441\u0435 \u0440\u0430\u0432\u043d\u043e \u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e, \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u0432\u0441\u0435 \u0436\u0435 \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 
\u0441\u0432\u043e\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0438 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u041e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0430\u0442\u0440\u0438\u0431\u0443\u0446\u0438\u0438 \u0438 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u043e\u0432 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f Cisco \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0435\u0432 \u043d\u0435 \u0434\u0430\u0435\u0442, \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u044f \u043c\u043e\u043b\u0447\u0430\u043d\u0438\u0435.\n\n\u041f\u0435\u0447\u0430\u043b\u044c\u043d\u043e \u0435\u0449\u0435 \u0442\u043e, \u0447\u0442\u043e \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0432 \u0442\u043e \u0436\u0435 \u0432\u0440\u0435\u043c\u044f, \u043a\u043e\u0433\u0434\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0441\u044f \u0435\u0449\u0435 \u043e\u0434\u0438\u043d 0-day \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 CVE-2023-20109, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u0443\u044e \u043e\u0442\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Cisco IOS XE, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438\u043d\u043e\u0441\u0438\u0442 \u0438\u043c \u043d\u0435\u043f\u043b\u043e\u0445\u0438\u0435 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b.\n\n\u041d\u043e \u0431\u0443\u0434\u0435\u043c 
\u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2023-10-23T13:04:22.000000Z"}, {"uuid": "7fecbeda-f726-4093-9a9e-766cbe1b81cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://t.me/cibsecurity/72828", "content": "\u203c CVE-2023-20273 \u203c\n\nA vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-25T22:39:13.000000Z"}, {"uuid": "c7045b58-290d-42ac-9b30-5233a57d6d57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1501", "content": "https://paper.seebug.org/3072\n\nCisco IOS XE \u7cfb\u7edf WebUI \u672a\u6388\u6743\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\u5206\u6790\n\nCVE-2023-20198\uff0cCVE-2023-20273\n\n#\u5206\u6790", "creation_timestamp": "2023-11-13T14:04:01.000000Z"}, {"uuid": "44052391-d023-4c87-8ac4-b1658a74128c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9322", "content": "#exploit\n1. CVE-2023-34050:\nSpring AMQP Deserialization RCE\nhttps://blog.pyn3rd.com/2023/11/03/CVE-2023-34050-Spring-AMQP-Deserialization-Remote-Code-Execution\n\n2. 
CVE-2023-20273:\nIOS XE root priv escalation\nhttps://blog.leakix.net/2023/10/cisco-root-privesc\n\n3. Stealing OAuth tokens of connected MS accounts via open redirect in Harvest App\nhttps://eval.blog/research/microsoft-account-token-leaks-in-harvest", "creation_timestamp": "2023-11-04T18:42:20.000000Z"}, {"uuid": "e9e5c8cb-f8b3-44a1-817a-b86b13f4a237", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://t.me/Rootsec_2/1630", "content": "#exploit\n1. CVE-2023-34050:\nSpring AMQP Deserialization RCE\nhttps://blog.pyn3rd.com/2023/11/03/CVE-2023-34050-Spring-AMQP-Deserialization-Remote-Code-Execution\n\n2. CVE-2023-20273:\nIOS XE root priv escalation\nhttps://blog.leakix.net/2023/10/cisco-root-privesc\n\n3. Stealing OAuth tokens of connected MS accounts via open redirect in Harvest App\nhttps://eval.blog/research/microsoft-account-token-leaks-in-harvest", "creation_timestamp": "2024-08-16T08:43:29.000000Z"}, {"uuid": "2e85e2a3-e6f8-4c13-bc89-29558b3ae549", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-10-23T21:10:02.000000Z"}, {"uuid": "e24792b7-38b4-4815-90c0-5b73f58beda5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971907", "content": "", "creation_timestamp": "2024-12-24T20:35:30.023139Z"}, {"uuid": "8c4a052e-2705-40f9-b614-a9b29772c67c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": 
"MISP/18c55588-626c-4e78-8840-45f9014d195c", "content": "", "creation_timestamp": "2025-03-06T10:36:01.000000Z"}, {"uuid": "cb1b868d-cd58-470a-bc9f-27ddec4be7fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://bsky.app/profile/ervinzubic.bsky.social/post/3liaidcwjvx2t", "content": "", "creation_timestamp": "2025-02-15T19:48:19.212941Z"}, {"uuid": "5aa6c169-149e-4e20-a36f-2973afc48c57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://threatintel.cc/2025/02/21/123201.html", "content": "", "creation_timestamp": "2025-02-21T16:32:01.000000Z"}, {"uuid": "4169641f-fd7e-4019-a1f8-dcfab9c165a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://threatintel.cc/2025/02/21/chinese-apt-exploits-cisco-ios.html", "content": "", "creation_timestamp": "2025-02-21T16:31:59.000000Z"}, {"uuid": "dbd64b52-ed38-47b7-8ff9-c91c2d15d20c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "af8ec4fc-fe3b-44c4-9f0a-9880eb34b454", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://www.cert.at/de/warnungen/2023/10/kritische-sicherheitslucke-in-cisco-ios-xe-aktiv-ausgenutzt", "content": "", "creation_timestamp": "2023-10-18T08:29:48.000000Z"}, {"uuid": 
"5fd8bed4-3077-4e67-9db9-57c43e36f957", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://threatintel.cc/2025/11/04/badcandy-implant-hits-cisco-devices.html", "content": "", "creation_timestamp": "2025-11-04T11:31:55.000000Z"}, {"uuid": "9b03b68b-9456-4551-ad57-bf801f72483b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "MISP/94901317-a31d-44b5-a66c-8fe3dbace6b5", "content": "", "creation_timestamp": "2025-09-12T00:16:19.000000Z"}, {"uuid": "71db6b33-1a7e-4e0c-9b60-6744e7c926e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3m4quez3qus2u", "content": "", "creation_timestamp": "2025-11-03T20:30:56.215253Z"}, {"uuid": "d41103ed-292f-4cc7-88d1-1f596385d47a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3m4quf4t3ac2u", "content": "", "creation_timestamp": "2025-11-03T20:30:56.806626Z"}, {"uuid": "78789206-3162-4dab-9d86-67da906acf10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3m4quf4t47k2u", "content": "", "creation_timestamp": "2025-11-03T20:30:57.410795Z"}, {"uuid": "939a4ea1-7bcc-4fd4-80c2-63bc450a06bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", 
"vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://gist.github.com/Darkcrai86/3cba1d61c2336cd96b3fc8eeb1ae8f56", "content": "", "creation_timestamp": "2025-08-29T17:27:13.000000Z"}, {"uuid": "42ac5e48-05bd-48d0-969b-fc6fa87a35ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20273", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3m4rhpdyiej2h", "content": "", "creation_timestamp": "2025-11-04T02:16:16.626319Z"}]}