Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 10 May 2026 07:04:57 +0000 3d493459-b39b-406d-a96e-8dade4404ce3 https://vulnerability.circl.lu/sighting/3d493459-b39b-406d-a96e-8dade4404ce3/export {"uuid": "3d493459-b39b-406d-a96e-8dade4404ce3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20377", "type": "exploited", "source": "https://t.me/ics_cert/941", "content": "\u0633\u06cc\u0633\u06a9\u0648 \u0628\u0631\u0627\u06cc \u0686\u0646\u062f\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0627\u0645\u0646\u06cc\u062a\u06cc \u062a\u0637\u0628\u06cc\u0642\u06cc \u200b\u200b(ASA)\u060c \u0645\u0631\u06a9\u0632 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0627\u0645\u0646 (FMC) \u0648 Firepower Threat Defense (FTD) \u0627\u0635\u0644\u0627\u062d\u0627\u062a\u06cc \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc\u06cc \u06a9\u0647 \u062f\u0631 \u0637\u0628\u06cc\u0639\u062a \u0642\u0627\u0628\u0644 \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0633\u062a.\n\nCVE-2024-20481 \u0628\u0627 CVSS 5.8 \u0633\u0631\u0648\u06cc\u0633 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 VPN (RAVPN) ASA \u0648 FTD \u0631\u0627 \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u0645\u06cc \u062f\u0647\u062f \u0648 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0648 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0646\u0634\u062f\u0647 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0641\u0631\u0633\u0648\u062f\u06af\u06cc \u0645\u0646\u0627\u0628\u0639 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u062a\u0639\u062f\u0627\u062f \u0632\u06cc\u0627\u062f\u06cc \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a VPN\u060c \u0634\u0631\u0627\u06cc\u0637 DoS \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u0646\u062f.\n\n\u062f\u0631 \u0627\u06cc\u0646 \u0645\u0648\u0631\u062f\u060c \u062a\u0646\u0647\u0627 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc\u06cc \u06a9\u0647 \u0646\u0633\u062e\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 ASA \u06cc\u0627 FTD \u0631\u0627 \u0627\u062c\u0631\u0627 \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f \u06a9\u0647 \u0633\u0631\u0648\u06cc\u0633 RAVPN \u0631\u0648\u06cc \u0622\u0646\u200c\u0647\u0627 \u0641\u0639\u0627\u0644 \u0627\u0633\u062a\u060c \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0647\u0633\u062a\u0646\u062f.\n\n\u0633\u06cc\u0633\u06a9\u0648 \u0645\u06cc\u200c\u06af\u0648\u06cc\u062f \u062d\u0645\u0644\u0627\u062a \u0645\u0634\u0627\u0647\u062f\u0647\u200c\u0634\u062f\u0647 \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u06cc\u06a9 \u06a9\u0645\u067e\u06cc\u0646 \u062f\u0631 \u0645\u0642\u06cc\u0627\u0633 \u0628\u0632\u0631\u06af \u0628\u0627 \u0646\u06cc\u0631\u0648\u06cc brute-force \u0627\u0633\u062a \u06a9\u0647 \u0686\u0646\u062f\u06cc\u0646 \u0633\u0631\u0648\u06cc\u0633 VPN \u0648 SSH \u0631\u0627 \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u0645\u06cc\u200c\u062f\u0647\u062f\u060c \u06a9\u0647 \u062f\u0631 \u0622\u0648\u0631\u06cc\u0644 2024 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u06a9\u0631\u062f. \u0622\u0646\u0647\u0627 \u0646\u0647 \u062a\u0646\u0647\u0627 \u0633\u06cc\u0633\u06a9\u0648\u060c \u0628\u0644\u06a9\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a\u06cc \u0627\u0632 Checkpoint\u060c Fortinet\u060c SonicWall\u060c MikroTik\u060c Draytek \u0648 Ubiquiti \u0631\u0627 \u0646\u06cc\u0632 \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u0645\u06cc \u062f\u0647\u0646\u062f.\n\n\u0627\u06cc\u0646 \u062a\u0648\u0635\u06cc\u0647 \u0634\u0634 \u0645\u0627\u0647\u0647 \u0647\u0645\u0686\u0646\u06cc\u0646 50 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u06cc\u06af\u0631\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 \u0633\u0647 \u0645\u0648\u0636\u0648\u0639 \u062d\u06cc\u0627\u062a\u06cc \u0631\u0627 \u0634\u0631\u062d \u0645\u06cc \u062f\u0647\u062f. \u0647\u06cc\u0686 \u0645\u062f\u0631\u06a9\u06cc \u062f\u0627\u0644 \u0628\u0631 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0647\u06cc\u0686 \u06cc\u06a9 \u0627\u0632 \u0622\u0646\u0647\u0627 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u0648\u062c\u0648\u062f \u0646\u062f\u0627\u0631\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u0641\u0631\u0648\u0634\u0646\u062f\u0647 \u0647\u0634\u062f\u0627\u0631 \u0645\u06cc \u062f\u0647\u062f \u06a9\u0647 \u06cc\u06a9 PoC \u0628\u0631\u0627\u06cc CVE-2024-20377\u060c CVE-2024-20387\u060c \u0648 CVE-2024-20388\u060c \u0633\u0647 \u0628\u0627\u06af \u0627\u0641\u0634\u0627\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062f\u0631 FMC\u060c \u062f\u0631 \u062f\u0633\u062a\u0631\u0633 \u0627\u0633\u062a.\n\n\u0627\u0648\u0644\u06cc\u0646 \u0628\u0627\u06af \u0645\u0647\u0645 \u062f\u0631 ASA\u060c CVE-2024-20329 (CVSS 9.9)\u060c \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0634\u062f\u0647 \u0648 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0631\u0627 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u0631\u06cc\u0634\u0647 \u0627\u0632 \u0637\u0631\u06cc\u0642 SSH \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f \u0648 \u06a9\u0646\u062a\u0631\u0644 \u06a9\u0627\u0645\u0644 \u0633\u06cc\u0633\u062a\u0645 \u0631\u0627 \u0628\u0647 \u062f\u0633\u062a \u0622\u0648\u0631\u062f.\n\nCVE-2024-20424 (CVSS 9.9) \u062f\u0631 FMC \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0634\u062f\u0647 \u0648 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627\u06cc HTTP \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0648\u06cc\u0698\u0647 \u0627\u06cc \u0631\u0627 \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u062f \u06a9\u0647 \u0628\u0647 \u062f\u0631\u0633\u062a\u06cc \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u0631\u06cc\u0634\u0647 \u062f\u0631 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0632\u06cc\u0631\u06cc\u0646 \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627 \u062a\u0623\u06cc\u06cc\u062f \u0646\u0634\u062f\u0647 \u0627\u0646\u062f.\n\n\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062d\u06cc\u0627\u062a\u06cc FTD \u0631\u0648\u06cc \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0647\u0627\u06cc \u0633\u0631\u06cc Cisco Firepower 1000\u060c 2100\u060c 3100 \u0648 4200 \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc \u06af\u0630\u0627\u0631\u062f \u0648 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 CVE-2024-20412 (CVSS 9.3) \u0631\u062f\u06cc\u0627\u0628\u06cc \u0645\u06cc \u0634\u0648\u062f.\n\n\u0627\u06cc\u0646 \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0645\u062d\u0644\u06cc \u0648 \u062a\u0627\u06cc\u06cc\u062f \u0646\u0634\u062f\u0647 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u0627\u06cc\u0633\u062a\u0627 \u0648\u0627\u0631\u062f \u0631\u0627\u0628\u0637 \u062e\u0637 \u0641\u0631\u0645\u0627\u0646 \u06cc\u06a9 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0634\u0648\u062f.\n\n\u0633\u06cc\u0633\u06a9\u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u0635\u0644\u0627\u062d\u0627\u062a\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc 10 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u062f\u0631 FTD \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f \u06a9\u0647 \u0628\u06cc\u0634 \u0627\u0632 \u0646\u06cc\u0645\u06cc \u0627\u0632 \u0622\u0646 \u0647\u0627 ASA \u0631\u0627 \u0646\u06cc\u0632 \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f\u0646\u062f. \u06cc\u06a9\u06cc \u062f\u06cc\u06af\u0631 \u0627\u0632 \u0646\u0642\u0635\u200c\u0647\u0627\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u062f\u0631 \u0627\u0628\u0632\u0627\u0631 \u0645\u062c\u0627\u0632\u06cc \u0627\u0645\u0646\u06cc\u062a \u062a\u0637\u0628\u06cc\u0642\u06cc \u200b\u200b(ASAv) \u0648 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0627\u0645\u0646\u060c \u062f\u0641\u0627\u0639 \u0645\u062c\u0627\u0632\u06cc (FTDv) \u0628\u0631\u0631\u0633\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u0628\u0647 \u0627\u0633\u062a\u062b\u0646\u0627\u06cc \u06cc\u06a9 \u0627\u0634\u06a9\u0627\u0644 \u062f\u0631 \u0633\u0631\u0648\u0631 \u0648\u0628 VPN ASA \u0648 FTD \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u0631\u06cc\u0634\u0647 \u0634\u0648\u062f\u060c \u0645\u0633\u0627\u0626\u0644 \u062c\u062f\u06cc \u0628\u0627\u0642\u06cc \u0645\u0627\u0646\u062f\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u0646\u062f \u0628\u0631\u0627\u06cc \u0627\u06cc\u062c\u0627\u062f \u0634\u0631\u0627\u06cc\u0637 DoS \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u0646\u062f.\n\n\u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u0633\u06cc\u0633\u06a9\u0648 \u062a\u0634\u0648\u06cc\u0642 \u0645\u06cc \u0634\u0648\u0646\u062f \u062a\u0627 \u062f\u0631 \u0627\u0633\u0631\u0639 \u0648\u0642\u062a \u0627\u0635\u0644\u0627\u062d\u0627\u062a \u0631\u0627 \u0627\u0639\u0645\u0627\u0644 \u06a9\u0646\u0646\u062f. \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631 \u0631\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646 \u062f\u0631 \u0627\u06cc\u0646\u062c\u0627 \u06cc\u0627\u0641\u062a.\n\n\ud83c\udfaf \u062f\u0631 \u062c\u0631\u06cc\u0627\u0646 \u0646\u0628\u0636 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0635\u0646\u0639\u062a\u06cc \u0628\u0627\u0634\u06cc\u062f:\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33", "creation_timestamp": "2024-10-31T18:51:56.000000Z"} {"uuid": "3d493459-b39b-406d-a96e-8dade4404ce3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20377", "type": "exploited", "source": "https://t.me/ics_cert/941", "content": "\u0633\u06cc\u0633\u06a9\u0648 \u0628\u0631\u0627\u06cc \u0686\u0646\u062f\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0627\u0645\u0646\u06cc\u062a\u06cc \u062a\u0637\u0628\u06cc\u0642\u06cc \u200b\u200b(ASA)\u060c \u0645\u0631\u06a9\u0632 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0627\u0645\u0646 (FMC) \u0648 Firepower Threat Defense (FTD) \u0627\u0635\u0644\u0627\u062d\u0627\u062a\u06cc \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc\u06cc \u06a9\u0647 \u062f\u0631 \u0637\u0628\u06cc\u0639\u062a \u0642\u0627\u0628\u0644 \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0633\u062a.\n\nCVE-2024-20481 \u0628\u0627 CVSS 5.8 \u0633\u0631\u0648\u06cc\u0633 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 VPN (RAVPN) ASA \u0648 FTD \u0631\u0627 \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u0645\u06cc \u062f\u0647\u062f \u0648 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0648 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0646\u0634\u062f\u0647 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0641\u0631\u0633\u0648\u062f\u06af\u06cc \u0645\u0646\u0627\u0628\u0639 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u062a\u0639\u062f\u0627\u062f \u0632\u06cc\u0627\u062f\u06cc \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a VPN\u060c \u0634\u0631\u0627\u06cc\u0637 DoS \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u0646\u062f.\n\n\u062f\u0631 \u0627\u06cc\u0646 \u0645\u0648\u0631\u062f\u060c \u062a\u0646\u0647\u0627 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc\u06cc \u06a9\u0647 \u0646\u0633\u062e\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 ASA \u06cc\u0627 FTD \u0631\u0627 \u0627\u062c\u0631\u0627 \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f \u06a9\u0647 \u0633\u0631\u0648\u06cc\u0633 RAVPN \u0631\u0648\u06cc \u0622\u0646\u200c\u0647\u0627 \u0641\u0639\u0627\u0644 \u0627\u0633\u062a\u060c \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0647\u0633\u062a\u0646\u062f.\n\n\u0633\u06cc\u0633\u06a9\u0648 \u0645\u06cc\u200c\u06af\u0648\u06cc\u062f \u062d\u0645\u0644\u0627\u062a \u0645\u0634\u0627\u0647\u062f\u0647\u200c\u0634\u062f\u0647 \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u06cc\u06a9 \u06a9\u0645\u067e\u06cc\u0646 \u062f\u0631 \u0645\u0642\u06cc\u0627\u0633 \u0628\u0632\u0631\u06af \u0628\u0627 \u0646\u06cc\u0631\u0648\u06cc brute-force \u0627\u0633\u062a \u06a9\u0647 \u0686\u0646\u062f\u06cc\u0646 \u0633\u0631\u0648\u06cc\u0633 VPN \u0648 SSH \u0631\u0627 \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u0645\u06cc\u200c\u062f\u0647\u062f\u060c \u06a9\u0647 \u062f\u0631 \u0622\u0648\u0631\u06cc\u0644 2024 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u06a9\u0631\u062f. \u0622\u0646\u0647\u0627 \u0646\u0647 \u062a\u0646\u0647\u0627 \u0633\u06cc\u0633\u06a9\u0648\u060c \u0628\u0644\u06a9\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a\u06cc \u0627\u0632 Checkpoint\u060c Fortinet\u060c SonicWall\u060c MikroTik\u060c Draytek \u0648 Ubiquiti \u0631\u0627 \u0646\u06cc\u0632 \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u0645\u06cc \u062f\u0647\u0646\u062f.\n\n\u0627\u06cc\u0646 \u062a\u0648\u0635\u06cc\u0647 \u0634\u0634 \u0645\u0627\u0647\u0647 \u0647\u0645\u0686\u0646\u06cc\u0646 50 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u06cc\u06af\u0631\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 \u0633\u0647 \u0645\u0648\u0636\u0648\u0639 \u062d\u06cc\u0627\u062a\u06cc \u0631\u0627 \u0634\u0631\u062d \u0645\u06cc \u062f\u0647\u062f. \u0647\u06cc\u0686 \u0645\u062f\u0631\u06a9\u06cc \u062f\u0627\u0644 \u0628\u0631 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0647\u06cc\u0686 \u06cc\u06a9 \u0627\u0632 \u0622\u0646\u0647\u0627 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u0648\u062c\u0648\u062f \u0646\u062f\u0627\u0631\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u0641\u0631\u0648\u0634\u0646\u062f\u0647 \u0647\u0634\u062f\u0627\u0631 \u0645\u06cc \u062f\u0647\u062f \u06a9\u0647 \u06cc\u06a9 PoC \u0628\u0631\u0627\u06cc CVE-2024-20377\u060c CVE-2024-20387\u060c \u0648 CVE-2024-20388\u060c \u0633\u0647 \u0628\u0627\u06af \u0627\u0641\u0634\u0627\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062f\u0631 FMC\u060c \u062f\u0631 \u062f\u0633\u062a\u0631\u0633 \u0627\u0633\u062a.\n\n\u0627\u0648\u0644\u06cc\u0646 \u0628\u0627\u06af \u0645\u0647\u0645 \u062f\u0631 ASA\u060c CVE-2024-20329 (CVSS 9.9)\u060c \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0634\u062f\u0647 \u0648 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0631\u0627 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u0631\u06cc\u0634\u0647 \u0627\u0632 \u0637\u0631\u06cc\u0642 SSH \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f \u0648 \u06a9\u0646\u062a\u0631\u0644 \u06a9\u0627\u0645\u0644 \u0633\u06cc\u0633\u062a\u0645 \u0631\u0627 \u0628\u0647 \u062f\u0633\u062a \u0622\u0648\u0631\u062f.\n\nCVE-2024-20424 (CVSS 9.9) \u062f\u0631 FMC \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0634\u062f\u0647 \u0648 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627\u06cc HTTP \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0648\u06cc\u0698\u0647 \u0627\u06cc \u0631\u0627 \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u062f \u06a9\u0647 \u0628\u0647 \u062f\u0631\u0633\u062a\u06cc \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u0631\u06cc\u0634\u0647 \u062f\u0631 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0632\u06cc\u0631\u06cc\u0646 \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627 \u062a\u0623\u06cc\u06cc\u062f \u0646\u0634\u062f\u0647 \u0627\u0646\u062f.\n\n\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062d\u06cc\u0627\u062a\u06cc FTD \u0631\u0648\u06cc \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0647\u0627\u06cc \u0633\u0631\u06cc Cisco Firepower 1000\u060c 2100\u060c 3100 \u0648 4200 \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc \u06af\u0630\u0627\u0631\u062f \u0648 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 CVE-2024-20412 (CVSS 9.3) \u0631\u062f\u06cc\u0627\u0628\u06cc \u0645\u06cc \u0634\u0648\u062f.\n\n\u0627\u06cc\u0646 \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0645\u062d\u0644\u06cc \u0648 \u062a\u0627\u06cc\u06cc\u062f \u0646\u0634\u062f\u0647 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u0627\u06cc\u0633\u062a\u0627 \u0648\u0627\u0631\u062f \u0631\u0627\u0628\u0637 \u062e\u0637 \u0641\u0631\u0645\u0627\u0646 \u06cc\u06a9 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0634\u0648\u062f.\n\n\u0633\u06cc\u0633\u06a9\u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u0635\u0644\u0627\u062d\u0627\u062a\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc 10 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u062f\u0631 FTD \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f \u06a9\u0647 \u0628\u06cc\u0634 \u0627\u0632 \u0646\u06cc\u0645\u06cc \u0627\u0632 \u0622\u0646 \u0647\u0627 ASA \u0631\u0627 \u0646\u06cc\u0632 \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f\u0646\u062f. \u06cc\u06a9\u06cc \u062f\u06cc\u06af\u0631 \u0627\u0632 \u0646\u0642\u0635\u200c\u0647\u0627\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u062f\u0631 \u0627\u0628\u0632\u0627\u0631 \u0645\u062c\u0627\u0632\u06cc \u0627\u0645\u0646\u06cc\u062a \u062a\u0637\u0628\u06cc\u0642\u06cc \u200b\u200b(ASAv) \u0648 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0627\u0645\u0646\u060c \u062f\u0641\u0627\u0639 \u0645\u062c\u0627\u0632\u06cc (FTDv) \u0628\u0631\u0631\u0633\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u0628\u0647 \u0627\u0633\u062a\u062b\u0646\u0627\u06cc \u06cc\u06a9 \u0627\u0634\u06a9\u0627\u0644 \u062f\u0631 \u0633\u0631\u0648\u0631 \u0648\u0628 VPN ASA \u0648 FTD \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u0631\u06cc\u0634\u0647 \u0634\u0648\u062f\u060c \u0645\u0633\u0627\u0626\u0644 \u062c\u062f\u06cc \u0628\u0627\u0642\u06cc \u0645\u0627\u0646\u062f\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u0646\u062f \u0628\u0631\u0627\u06cc \u0627\u06cc\u062c\u0627\u062f \u0634\u0631\u0627\u06cc\u0637 DoS \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u0646\u062f.\n\n\u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u0633\u06cc\u0633\u06a9\u0648 \u062a\u0634\u0648\u06cc\u0642 \u0645\u06cc \u0634\u0648\u0646\u062f \u062a\u0627 \u062f\u0631 \u0627\u0633\u0631\u0639 \u0648\u0642\u062a \u0627\u0635\u0644\u0627\u062d\u0627\u062a \u0631\u0627 \u0627\u0639\u0645\u0627\u0644 \u06a9\u0646\u0646\u062f. \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631 \u0631\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646 \u062f\u0631 \u0627\u06cc\u0646\u062c\u0627 \u06cc\u0627\u0641\u062a.\n\n\ud83c\udfaf \u062f\u0631 \u062c\u0631\u06cc\u0627\u0646 \u0646\u0628\u0636 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0635\u0646\u0639\u062a\u06cc \u0628\u0627\u0634\u06cc\u062f:\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33", "creation_timestamp": "2024-10-31T18:51:56.000000Z"} https://vulnerability.circl.lu/sighting/3d493459-b39b-406d-a96e-8dade4404ce3/export Thu, 31 Oct 2024 18:51:56 +0000 1e989e14-b2bf-46bb-b4b2-d2a528baf685 https://vulnerability.circl.lu/sighting/1e989e14-b2bf-46bb-b4b2-d2a528baf685/export {"uuid": "1e989e14-b2bf-46bb-b4b2-d2a528baf685", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20377", "type": "seen", "source": "https://t.me/ics_cert/943", "content": "\u0633\u06cc\u0633\u06a9\u0648 \u0628\u0631\u0627\u06cc \u0686\u0646\u062f\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0627\u0645\u0646\u06cc\u062a\u06cc \u062a\u0637\u0628\u06cc\u0642\u06cc \u200b\u200b(ASA)\u060c \u0645\u0631\u06a9\u0632 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0627\u0645\u0646 (FMC) \u0648 Firepower Threat Defense (FTD) \u0627\u0635\u0644\u0627\u062d\u0627\u062a\u06cc \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc\u06cc \u06a9\u0647 \u062f\u0631 \u067e\u0644\u0646\u062a \u0647\u0627 \u0642\u0627\u0628\u0644 \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0633\u062a.\n\nCVE-2024-20481 \u0628\u0627 CVSS 5.8 \u0633\u0631\u0648\u06cc\u0633 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 VPN (RAVPN) ASA \u0648 FTD \u0631\u0627 \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u0645\u06cc \u062f\u0647\u062f \u0648 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0648 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0646\u0634\u062f\u0647 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0641\u0631\u0633\u0648\u062f\u06af\u06cc \u0645\u0646\u0627\u0628\u0639 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u062a\u0639\u062f\u0627\u062f \u0632\u06cc\u0627\u062f\u06cc \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a VPN\u060c \u0634\u0631\u0627\u06cc\u0637 DoS \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u0646\u062f.\n\n\u062f\u0631 \u0627\u06cc\u0646 \u0645\u0648\u0631\u062f\u060c \u062a\u0646\u0647\u0627 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc\u06cc \u06a9\u0647 \u0646\u0633\u062e\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 ASA \u06cc\u0627 FTD \u0631\u0627 \u0627\u062c\u0631\u0627 \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f \u06a9\u0647 \u0633\u0631\u0648\u06cc\u0633 RAVPN \u0631\u0648\u06cc \u0622\u0646\u200c\u0647\u0627 \u0641\u0639\u0627\u0644 \u0627\u0633\u062a\u060c \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0647\u0633\u062a\u0646\u062f.\n\n\u0633\u06cc\u0633\u06a9\u0648 \u0645\u06cc\u200c\u06af\u0648\u06cc\u062f \u062d\u0645\u0644\u0627\u062a \u0645\u0634\u0627\u0647\u062f\u0647\u200c\u0634\u062f\u0647 \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u06cc\u06a9 \u06a9\u0645\u067e\u06cc\u0646 \u062f\u0631 \u0645\u0642\u06cc\u0627\u0633 \u0628\u0632\u0631\u06af \u0628\u0627 \u0646\u06cc\u0631\u0648\u06cc brute-force \u0627\u0633\u062a \u06a9\u0647 \u0686\u0646\u062f\u06cc\u0646 \u0633\u0631\u0648\u06cc\u0633 VPN \u0648 SSH \u0631\u0627 \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u0645\u06cc\u200c\u062f\u0647\u062f\u060c \u06a9\u0647 \u062f\u0631 \u0622\u0648\u0631\u06cc\u0644 2024 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u06a9\u0631\u062f. \u0622\u0646\u0647\u0627 \u0646\u0647 \u062a\u0646\u0647\u0627 \u0633\u06cc\u0633\u06a9\u0648\u060c \u0628\u0644\u06a9\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a\u06cc \u0627\u0632 Checkpoint\u060c Fortinet\u060c SonicWall\u060c MikroTik\u060c Draytek \u0648 Ubiquiti \u0631\u0627 \u0646\u06cc\u0632 \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u0645\u06cc \u062f\u0647\u0646\u062f.\n\n\u0627\u06cc\u0646 \u062a\u0648\u0635\u06cc\u0647 \u0634\u0634 \u0645\u0627\u0647\u0647 \u0647\u0645\u0686\u0646\u06cc\u0646 50 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u06cc\u06af\u0631\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 \u0633\u0647 \u0645\u0648\u0636\u0648\u0639 \u062d\u06cc\u0627\u062a\u06cc \u0631\u0627 \u0634\u0631\u062d \u0645\u06cc \u062f\u0647\u062f. \u0647\u06cc\u0686 \u0645\u062f\u0631\u06a9\u06cc \u062f\u0627\u0644 \u0628\u0631 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0647\u06cc\u0686 \u06cc\u06a9 \u0627\u0632 \u0622\u0646\u0647\u0627 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u0648\u062c\u0648\u062f \u0646\u062f\u0627\u0631\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u0641\u0631\u0648\u0634\u0646\u062f\u0647 \u0647\u0634\u062f\u0627\u0631 \u0645\u06cc \u062f\u0647\u062f \u06a9\u0647 \u06cc\u06a9 PoC \u0628\u0631\u0627\u06cc CVE-2024-20377\u060c CVE-2024-20387\u060c \u0648 CVE-2024-20388\u060c \u0633\u0647 \u0628\u0627\u06af \u0627\u0641\u0634\u0627\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062f\u0631 FMC\u060c \u062f\u0631 \u062f\u0633\u062a\u0631\u0633 \u0627\u0633\u062a.\n\n\u0627\u0648\u0644\u06cc\u0646 \u0628\u0627\u06af \u0645\u0647\u0645 \u062f\u0631 ASA\u060c CVE-2024-20329 (CVSS 9.9)\u060c \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0634\u062f\u0647 \u0648 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0631\u0627 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u0631\u06cc\u0634\u0647 \u0627\u0632 \u0637\u0631\u06cc\u0642 SSH \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f \u0648 \u06a9\u0646\u062a\u0631\u0644 \u06a9\u0627\u0645\u0644 \u0633\u06cc\u0633\u062a\u0645 \u0631\u0627 \u0628\u0647 \u062f\u0633\u062a \u0622\u0648\u0631\u062f.\n\nCVE-2024-20424 (CVSS 9.9) \u062f\u0631 FMC \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0634\u062f\u0647 \u0648 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627\u06cc HTTP \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0648\u06cc\u0698\u0647 \u0627\u06cc \u0631\u0627 \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u062f \u06a9\u0647 \u0628\u0647 \u062f\u0631\u0633\u062a\u06cc \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u0631\u06cc\u0634\u0647 \u062f\u0631 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0632\u06cc\u0631\u06cc\u0646 \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627 \u062a\u0623\u06cc\u06cc\u062f \u0646\u0634\u062f\u0647 \u0627\u0646\u062f.\n\n\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062d\u06cc\u0627\u062a\u06cc FTD \u0631\u0648\u06cc \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0647\u0627\u06cc \u0633\u0631\u06cc Cisco Firepower 1000\u060c 2100\u060c 3100 \u0648 4200 \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc \u06af\u0630\u0627\u0631\u062f \u0648 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 CVE-2024-20412 (CVSS 9.3) \u0631\u062f\u06cc\u0627\u0628\u06cc \u0645\u06cc \u0634\u0648\u062f.\n\n\u0627\u06cc\u0646 \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0645\u062d\u0644\u06cc \u0648 \u062a\u0627\u06cc\u06cc\u062f \u0646\u0634\u062f\u0647 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u0627\u06cc\u0633\u062a\u0627 \u0648\u0627\u0631\u062f \u0631\u0627\u0628\u0637 \u062e\u0637 \u0641\u0631\u0645\u0627\u0646 \u06cc\u06a9 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0634\u0648\u062f.\n\n\u0633\u06cc\u0633\u06a9\u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u0635\u0644\u0627\u062d\u0627\u062a\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc 10 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u062f\u0631 FTD \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f \u06a9\u0647 \u0628\u06cc\u0634 \u0627\u0632 \u0646\u06cc\u0645\u06cc \u0627\u0632 \u0622\u0646 \u0647\u0627 ASA \u0631\u0627 \u0646\u06cc\u0632 \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f\u0646\u062f. \u06cc\u06a9\u06cc \u062f\u06cc\u06af\u0631 \u0627\u0632 \u0646\u0642\u0635\u200c\u0647\u0627\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u062f\u0631 \u0627\u0628\u0632\u0627\u0631 \u0645\u062c\u0627\u0632\u06cc \u0627\u0645\u0646\u06cc\u062a \u062a\u0637\u0628\u06cc\u0642\u06cc \u200b\u200b(ASAv) \u0648 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0627\u0645\u0646\u060c \u062f\u0641\u0627\u0639 \u0645\u062c\u0627\u0632\u06cc (FTDv) \u0628\u0631\u0631\u0633\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u0628\u0647 \u0627\u0633\u062a\u062b\u0646\u0627\u06cc \u06cc\u06a9 \u0627\u0634\u06a9\u0627\u0644 \u062f\u0631 \u0633\u0631\u0648\u0631 \u0648\u0628 VPN ASA \u0648 FTD \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u0631\u06cc\u0634\u0647 \u0634\u0648\u062f\u060c \u0645\u0633\u0627\u0626\u0644 \u062c\u062f\u06cc \u0628\u0627\u0642\u06cc \u0645\u0627\u0646\u062f\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u0646\u062f \u0628\u0631\u0627\u06cc \u0627\u06cc\u062c\u0627\u062f \u0634\u0631\u0627\u06cc\u0637 DoS \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u0646\u062f.\n\n\u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u0633\u06cc\u0633\u06a9\u0648 \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u0646\u062f \u062a\u0627 \u062f\u0631 \u0627\u0633\u0631\u0639 \u0648\u0642\u062a \u0627\u0635\u0644\u0627\u062d\u0627\u062a \u0631\u0627 \u0627\u0639\u0645\u0627\u0644 \u06a9\u0646\u0646\u062f. \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631 \u0631\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646 \u062f\u0631 \u0627\u06cc\u0646\u062c\u0627 \u06cc\u0627\u0641\u062a.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33", "creation_timestamp": "2024-11-03T17:33:56.000000Z"} {"uuid": "1e989e14-b2bf-46bb-b4b2-d2a528baf685", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20377", "type": "seen", "source": "https://t.me/ics_cert/943", "content": "\u0633\u06cc\u0633\u06a9\u0648 \u0628\u0631\u0627\u06cc \u0686\u0646\u062f\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0627\u0645\u0646\u06cc\u062a\u06cc \u062a\u0637\u0628\u06cc\u0642\u06cc \u200b\u200b(ASA)\u060c \u0645\u0631\u06a9\u0632 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0627\u0645\u0646 (FMC) \u0648 Firepower Threat Defense (FTD) \u0627\u0635\u0644\u0627\u062d\u0627\u062a\u06cc \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc\u06cc \u06a9\u0647 \u062f\u0631 \u067e\u0644\u0646\u062a \u0647\u0627 \u0642\u0627\u0628\u0644 \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0633\u062a.\n\nCVE-2024-20481 \u0628\u0627 CVSS 5.8 \u0633\u0631\u0648\u06cc\u0633 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 VPN (RAVPN) ASA \u0648 FTD \u0631\u0627 \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u0645\u06cc \u062f\u0647\u062f \u0648 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0648 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0646\u0634\u062f\u0647 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0641\u0631\u0633\u0648\u062f\u06af\u06cc \u0645\u0646\u0627\u0628\u0639 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u062a\u0639\u062f\u0627\u062f \u0632\u06cc\u0627\u062f\u06cc \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a VPN\u060c \u0634\u0631\u0627\u06cc\u0637 DoS \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u0646\u062f.\n\n\u062f\u0631 \u0627\u06cc\u0646 \u0645\u0648\u0631\u062f\u060c \u062a\u0646\u0647\u0627 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc\u06cc \u06a9\u0647 \u0646\u0633\u062e\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 ASA \u06cc\u0627 FTD \u0631\u0627 \u0627\u062c\u0631\u0627 \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f \u06a9\u0647 \u0633\u0631\u0648\u06cc\u0633 RAVPN \u0631\u0648\u06cc \u0622\u0646\u200c\u0647\u0627 \u0641\u0639\u0627\u0644 \u0627\u0633\u062a\u060c \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0647\u0633\u062a\u0646\u062f.\n\n\u0633\u06cc\u0633\u06a9\u0648 \u0645\u06cc\u200c\u06af\u0648\u06cc\u062f \u062d\u0645\u0644\u0627\u062a \u0645\u0634\u0627\u0647\u062f\u0647\u200c\u0634\u062f\u0647 \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u06cc\u06a9 \u06a9\u0645\u067e\u06cc\u0646 \u062f\u0631 \u0645\u0642\u06cc\u0627\u0633 \u0628\u0632\u0631\u06af \u0628\u0627 \u0646\u06cc\u0631\u0648\u06cc brute-force \u0627\u0633\u062a \u06a9\u0647 \u0686\u0646\u062f\u06cc\u0646 \u0633\u0631\u0648\u06cc\u0633 VPN \u0648 SSH \u0631\u0627 \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u0645\u06cc\u200c\u062f\u0647\u062f\u060c \u06a9\u0647 \u062f\u0631 \u0622\u0648\u0631\u06cc\u0644 2024 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u06a9\u0631\u062f. \u0622\u0646\u0647\u0627 \u0646\u0647 \u062a\u0646\u0647\u0627 \u0633\u06cc\u0633\u06a9\u0648\u060c \u0628\u0644\u06a9\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a\u06cc \u0627\u0632 Checkpoint\u060c Fortinet\u060c SonicWall\u060c MikroTik\u060c Draytek \u0648 Ubiquiti \u0631\u0627 \u0646\u06cc\u0632 \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u0645\u06cc \u062f\u0647\u0646\u062f.\n\n\u0627\u06cc\u0646 \u062a\u0648\u0635\u06cc\u0647 \u0634\u0634 \u0645\u0627\u0647\u0647 \u0647\u0645\u0686\u0646\u06cc\u0646 50 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u06cc\u06af\u0631\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 \u0633\u0647 \u0645\u0648\u0636\u0648\u0639 \u062d\u06cc\u0627\u062a\u06cc \u0631\u0627 \u0634\u0631\u062d \u0645\u06cc \u062f\u0647\u062f. \u0647\u06cc\u0686 \u0645\u062f\u0631\u06a9\u06cc \u062f\u0627\u0644 \u0628\u0631 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0647\u06cc\u0686 \u06cc\u06a9 \u0627\u0632 \u0622\u0646\u0647\u0627 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u0648\u062c\u0648\u062f \u0646\u062f\u0627\u0631\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u0641\u0631\u0648\u0634\u0646\u062f\u0647 \u0647\u0634\u062f\u0627\u0631 \u0645\u06cc \u062f\u0647\u062f \u06a9\u0647 \u06cc\u06a9 PoC \u0628\u0631\u0627\u06cc CVE-2024-20377\u060c CVE-2024-20387\u060c \u0648 CVE-2024-20388\u060c \u0633\u0647 \u0628\u0627\u06af \u0627\u0641\u0634\u0627\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062f\u0631 FMC\u060c \u062f\u0631 \u062f\u0633\u062a\u0631\u0633 \u0627\u0633\u062a.\n\n\u0627\u0648\u0644\u06cc\u0646 \u0628\u0627\u06af \u0645\u0647\u0645 \u062f\u0631 ASA\u060c CVE-2024-20329 (CVSS 9.9)\u060c \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0634\u062f\u0647 \u0648 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0631\u0627 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u0631\u06cc\u0634\u0647 \u0627\u0632 \u0637\u0631\u06cc\u0642 SSH \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f \u0648 \u06a9\u0646\u062a\u0631\u0644 \u06a9\u0627\u0645\u0644 \u0633\u06cc\u0633\u062a\u0645 \u0631\u0627 \u0628\u0647 \u062f\u0633\u062a \u0622\u0648\u0631\u062f.\n\nCVE-2024-20424 (CVSS 9.9) \u062f\u0631 FMC \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0634\u062f\u0647 \u0648 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0647\u0627\u06cc HTTP \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0648\u06cc\u0698\u0647 \u0627\u06cc \u0631\u0627 \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u062f \u06a9\u0647 \u0628\u0647 \u062f\u0631\u0633\u062a\u06cc \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u0631\u06cc\u0634\u0647 \u062f\u0631 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0632\u06cc\u0631\u06cc\u0646 \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627 \u062a\u0623\u06cc\u06cc\u062f \u0646\u0634\u062f\u0647 \u0627\u0646\u062f.\n\n\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062d\u06cc\u0627\u062a\u06cc FTD \u0631\u0648\u06cc \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0647\u0627\u06cc \u0633\u0631\u06cc Cisco Firepower 1000\u060c 2100\u060c 3100 \u0648 4200 \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc \u06af\u0630\u0627\u0631\u062f \u0648 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 CVE-2024-20412 (CVSS 9.3) \u0631\u062f\u06cc\u0627\u0628\u06cc \u0645\u06cc \u0634\u0648\u062f.\n\n\u0627\u06cc\u0646 \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0645\u062d\u0644\u06cc \u0648 \u062a\u0627\u06cc\u06cc\u062f \u0646\u0634\u062f\u0647 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u0627\u06cc\u0633\u062a\u0627 \u0648\u0627\u0631\u062f \u0631\u0627\u0628\u0637 \u062e\u0637 \u0641\u0631\u0645\u0627\u0646 \u06cc\u06a9 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0634\u0648\u062f.\n\n\u0633\u06cc\u0633\u06a9\u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u0635\u0644\u0627\u062d\u0627\u062a\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc 10 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u062f\u0631 FTD \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f \u06a9\u0647 \u0628\u06cc\u0634 \u0627\u0632 \u0646\u06cc\u0645\u06cc \u0627\u0632 \u0622\u0646 \u0647\u0627 ASA \u0631\u0627 \u0646\u06cc\u0632 \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f\u0646\u062f. \u06cc\u06a9\u06cc \u062f\u06cc\u06af\u0631 \u0627\u0632 \u0646\u0642\u0635\u200c\u0647\u0627\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u062f\u0631 \u0627\u0628\u0632\u0627\u0631 \u0645\u062c\u0627\u0632\u06cc \u0627\u0645\u0646\u06cc\u062a \u062a\u0637\u0628\u06cc\u0642\u06cc \u200b\u200b(ASAv) \u0648 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0627\u0645\u0646\u060c \u062f\u0641\u0627\u0639 \u0645\u062c\u0627\u0632\u06cc (FTDv) \u0628\u0631\u0631\u0633\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u0628\u0647 \u0627\u0633\u062a\u062b\u0646\u0627\u06cc \u06cc\u06a9 \u0627\u0634\u06a9\u0627\u0644 \u062f\u0631 \u0633\u0631\u0648\u0631 \u0648\u0628 VPN ASA \u0648 FTD \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u0631\u06cc\u0634\u0647 \u0634\u0648\u062f\u060c \u0645\u0633\u0627\u0626\u0644 \u062c\u062f\u06cc \u0628\u0627\u0642\u06cc \u0645\u0627\u0646\u062f\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u0646\u062f \u0628\u0631\u0627\u06cc \u0627\u06cc\u062c\u0627\u062f \u0634\u0631\u0627\u06cc\u0637 DoS \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u0646\u062f.\n\n\u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u0633\u06cc\u0633\u06a9\u0648 \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u0646\u062f \u062a\u0627 \u062f\u0631 \u0627\u0633\u0631\u0639 \u0648\u0642\u062a \u0627\u0635\u0644\u0627\u062d\u0627\u062a \u0631\u0627 \u0627\u0639\u0645\u0627\u0644 \u06a9\u0646\u0646\u062f. \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631 \u0631\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646 \u062f\u0631 \u0627\u06cc\u0646\u062c\u0627 \u06cc\u0627\u0641\u062a.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33", "creation_timestamp": "2024-11-03T17:33:56.000000Z"} https://vulnerability.circl.lu/sighting/1e989e14-b2bf-46bb-b4b2-d2a528baf685/export Sun, 03 Nov 2024 17:33:56 +0000 25056059-afdf-4b7f-bb35-35f2ea06e7a2 https://vulnerability.circl.lu/sighting/25056059-afdf-4b7f-bb35-35f2ea06e7a2/export {"uuid": "25056059-afdf-4b7f-bb35-35f2ea06e7a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20371", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113436958723505420", "content": "", "creation_timestamp": "2024-11-06T16:30:32.887764Z"} {"uuid": "25056059-afdf-4b7f-bb35-35f2ea06e7a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20371", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113436958723505420", "content": "", "creation_timestamp": "2024-11-06T16:30:32.887764Z"} https://vulnerability.circl.lu/sighting/25056059-afdf-4b7f-bb35-35f2ea06e7a2/export Wed, 06 Nov 2024 16:30:32 +0000 99455a68-00e6-4c12-8589-771e375bbdc8 https://vulnerability.circl.lu/sighting/99455a68-00e6-4c12-8589-771e375bbdc8/export {"uuid": "99455a68-00e6-4c12-8589-771e375bbdc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20371", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113442108664352339", "content": "", "creation_timestamp": "2024-11-07T14:20:08.136955Z"} {"uuid": "99455a68-00e6-4c12-8589-771e375bbdc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20371", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113442108664352339", "content": "", "creation_timestamp": "2024-11-07T14:20:08.136955Z"} https://vulnerability.circl.lu/sighting/99455a68-00e6-4c12-8589-771e375bbdc8/export Thu, 07 Nov 2024 14:20:08 +0000 befc9b99-0663-452d-8b6d-d81de5f38228 https://vulnerability.circl.lu/sighting/befc9b99-0663-452d-8b6d-d81de5f38228/export {"uuid": "befc9b99-0663-452d-8b6d-d81de5f38228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20371", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113442108664352339", "content": "", "creation_timestamp": "2024-11-07T14:20:08.591288Z"} {"uuid": "befc9b99-0663-452d-8b6d-d81de5f38228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20371", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113442108664352339", "content": "", "creation_timestamp": "2024-11-07T14:20:08.591288Z"} https://vulnerability.circl.lu/sighting/befc9b99-0663-452d-8b6d-d81de5f38228/export Thu, 07 Nov 2024 14:20:08 +0000 b93769ec-b123-462b-bef0-ad03f30c5612 https://vulnerability.circl.lu/sighting/b93769ec-b123-462b-bef0-ad03f30c5612/export {"uuid": "b93769ec-b123-462b-bef0-ad03f30c5612", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20371", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113442108664352339", "content": "", "creation_timestamp": "2024-11-07T14:20:08.859307Z"} {"uuid": "b93769ec-b123-462b-bef0-ad03f30c5612", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20371", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113442108664352339", "content": "", "creation_timestamp": "2024-11-07T14:20:08.859307Z"} https://vulnerability.circl.lu/sighting/b93769ec-b123-462b-bef0-ad03f30c5612/export Thu, 07 Nov 2024 14:20:08 +0000 ec9f83fb-c8de-491c-bfa1-421314c01597 https://vulnerability.circl.lu/sighting/ec9f83fb-c8de-491c-bfa1-421314c01597/export {"uuid": "ec9f83fb-c8de-491c-bfa1-421314c01597", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20373", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113487548702029528", "content": "", "creation_timestamp": "2024-11-15T14:56:07.435697Z"} {"uuid": "ec9f83fb-c8de-491c-bfa1-421314c01597", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20373", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113487548702029528", "content": "", "creation_timestamp": "2024-11-15T14:56:07.435697Z"} https://vulnerability.circl.lu/sighting/ec9f83fb-c8de-491c-bfa1-421314c01597/export Fri, 15 Nov 2024 14:56:07 +0000 ff6a5e90-309e-446a-b300-540f65ff5b7c https://vulnerability.circl.lu/sighting/ff6a5e90-309e-446a-b300-540f65ff5b7c/export {"uuid": "ff6a5e90-309e-446a-b300-540f65ff5b7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20373", "type": "seen", "source": "https://t.me/cvedetector/11086", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-20373 - \"Cisco SNMP IPv4 Access Control List Authentication Bypass Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-20373 \nPublished : Nov. 15, 2024, 3:15 p.m. | 21\u00a0minutes ago \nDescription : A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic.\u00a0 \n \nThis vulnerability exists because Cisco IOS Software and Cisco IOS XE Software do not support extended IPv4 ACLs for SNMP, but they do allow administrators to configure extended named IPv4 ACLs that are attached to the SNMP server configuration without a warning message. This can result in no ACL being applied to the SNMP listening process. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP operations that should be denied. The attacker has no control of the SNMP ACL configuration and would still need a valid SNMP version 2c (SNMPv2c) community string or SNMP version 3 (SNMPv3) user credentials. \nSNMP with IPv6 ACL configurations is not affected. \nFor more information, see the section of this advisory. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"15 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T16:36:48.000000Z"} {"uuid": "ff6a5e90-309e-446a-b300-540f65ff5b7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20373", "type": "seen", "source": "https://t.me/cvedetector/11086", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-20373 - \"Cisco SNMP IPv4 Access Control List Authentication Bypass Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-20373 \nPublished : Nov. 15, 2024, 3:15 p.m. | 21\u00a0minutes ago \nDescription : A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic.\u00a0 \n \nThis vulnerability exists because Cisco IOS Software and Cisco IOS XE Software do not support extended IPv4 ACLs for SNMP, but they do allow administrators to configure extended named IPv4 ACLs that are attached to the SNMP server configuration without a warning message. This can result in no ACL being applied to the SNMP listening process. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP operations that should be denied. The attacker has no control of the SNMP ACL configuration and would still need a valid SNMP version 2c (SNMPv2c) community string or SNMP version 3 (SNMPv3) user credentials. \nSNMP with IPv6 ACL configurations is not affected. \nFor more information, see the section of this advisory. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"15 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T16:36:48.000000Z"} https://vulnerability.circl.lu/sighting/ff6a5e90-309e-446a-b300-540f65ff5b7c/export Fri, 15 Nov 2024 16:36:48 +0000 362bcb5c-d9da-4676-999b-0f5ddec12523 https://vulnerability.circl.lu/sighting/362bcb5c-d9da-4676-999b-0f5ddec12523/export {"uuid": "362bcb5c-d9da-4676-999b-0f5ddec12523", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20378", "type": "seen", "source": "https://t.me/DEVIL_La_RSx/1561", "content": "https://cxsecurity.com/cveshow/CVE-2024-20378/", "creation_timestamp": "2024-12-02T01:56:48.000000Z"} {"uuid": "362bcb5c-d9da-4676-999b-0f5ddec12523", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20378", "type": "seen", "source": "https://t.me/DEVIL_La_RSx/1561", "content": "https://cxsecurity.com/cveshow/CVE-2024-20378/", "creation_timestamp": "2024-12-02T01:56:48.000000Z"} https://vulnerability.circl.lu/sighting/362bcb5c-d9da-4676-999b-0f5ddec12523/export Mon, 02 Dec 2024 01:56:48 +0000 42fb8f49-44ce-48e4-9396-cab713d72b07 https://vulnerability.circl.lu/sighting/42fb8f49-44ce-48e4-9396-cab713d72b07/export {"uuid": "42fb8f49-44ce-48e4-9396-cab713d72b07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2037", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhuls446qm2c", "content": "", "creation_timestamp": "2025-02-11T02:18:18.507312Z"} {"uuid": "42fb8f49-44ce-48e4-9396-cab713d72b07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2037", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhuls446qm2c", "content": "", "creation_timestamp": "2025-02-11T02:18:18.507312Z"} https://vulnerability.circl.lu/sighting/42fb8f49-44ce-48e4-9396-cab713d72b07/export Tue, 11 Feb 2025 02:18:18 +0000