<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sun, 05 Jul 2026 09:28:01 +0000</lastBuildDate>
    <item>
      <title>46cab88a-8402-441c-b252-cc524914e760</title>
      <link>https://vulnerability.circl.lu/sighting/46cab88a-8402-441c-b252-cc524914e760/export</link>
      <description>{"uuid": "46cab88a-8402-441c-b252-cc524914e760", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20331", "type": "seen", "source": "https://t.me/cvedetector/8734", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20331 - Cisco ASA and FTD Remote Access SSL VPN Session Authentication Handle Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-20331 \nPublished : Oct. 23, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to prevent users from authenticating.  \n  \nThis vulnerability is due to insufficient entropy in the authentication process. An attacker could exploit this vulnerability by determining the handle of an authenticating user and using it to terminate their authentication session. A successful exploit could allow the attacker to force a user to restart the authentication process, preventing a legitimate user from establishing remote access VPN sessions. \nSeverity: 6.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:54:35.000000Z"}</description>
      <content:encoded>{"uuid": "46cab88a-8402-441c-b252-cc524914e760", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20331", "type": "seen", "source": "https://t.me/cvedetector/8734", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20331 - Cisco ASA and FTD Remote Access SSL VPN Session Authentication Handle Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-20331 \nPublished : Oct. 23, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to prevent users from authenticating.  \n  \nThis vulnerability is due to insufficient entropy in the authentication process. An attacker could exploit this vulnerability by determining the handle of an authenticating user and using it to terminate their authentication session. A successful exploit could allow the attacker to force a user to restart the authentication process, preventing a legitimate user from establishing remote access VPN sessions. \nSeverity: 6.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:54:35.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/46cab88a-8402-441c-b252-cc524914e760/export</guid>
      <pubDate>Wed, 23 Oct 2024 19:54:35 +0000</pubDate>
    </item>
    <item>
      <title>818830a7-3a00-4830-b2fd-e23dc9e27d71</title>
      <link>https://vulnerability.circl.lu/sighting/818830a7-3a00-4830-b2fd-e23dc9e27d71/export</link>
      <description>{"uuid": "818830a7-3a00-4830-b2fd-e23dc9e27d71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20330", "type": "seen", "source": "https://t.me/cvedetector/8733", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20330 - \"Cisco Firepower 2100 Series Appliances Snort Detection Engine Memory Corruption Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-20330 \nPublished : Oct. 23, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause memory corruption, which could cause the Snort detection engine to restart unexpectedly.  \n  \nThis vulnerability is due to improper memory management when the Snort detection engine processes specific TCP or UDP packets. An attacker could exploit this vulnerability by sending crafted TCP or UDP packets through a device that is inspecting traffic using the Snort detection engine. A successful exploit could allow the attacker to restart the Snort detection engine repeatedly, which could cause a denial of service (DoS) condition. The DoS condition impacts only the traffic through the device that is examined by the Snort detection engine. The device can still be managed over the network.  \nNote: Once a memory block is corrupted, it cannot be cleared until the Cisco Firepower 2100 Series Appliance is manually reloaded. This means that the Snort detection engine could crash repeatedly, causing traffic that is processed by the Snort detection engine to be dropped until the device is manually reloaded. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:54:34.000000Z"}</description>
      <content:encoded>{"uuid": "818830a7-3a00-4830-b2fd-e23dc9e27d71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20330", "type": "seen", "source": "https://t.me/cvedetector/8733", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20330 - \"Cisco Firepower 2100 Series Appliances Snort Detection Engine Memory Corruption Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-20330 \nPublished : Oct. 23, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause memory corruption, which could cause the Snort detection engine to restart unexpectedly.  \n  \nThis vulnerability is due to improper memory management when the Snort detection engine processes specific TCP or UDP packets. An attacker could exploit this vulnerability by sending crafted TCP or UDP packets through a device that is inspecting traffic using the Snort detection engine. A successful exploit could allow the attacker to restart the Snort detection engine repeatedly, which could cause a denial of service (DoS) condition. The DoS condition impacts only the traffic through the device that is examined by the Snort detection engine. The device can still be managed over the network.  \nNote: Once a memory block is corrupted, it cannot be cleared until the Cisco Firepower 2100 Series Appliance is manually reloaded. This means that the Snort detection engine could crash repeatedly, causing traffic that is processed by the Snort detection engine to be dropped until the device is manually reloaded. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:54:34.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/818830a7-3a00-4830-b2fd-e23dc9e27d71/export</guid>
      <pubDate>Wed, 23 Oct 2024 19:54:34 +0000</pubDate>
    </item>
    <item>
      <title>4358a5f9-bd53-4d60-9b21-009be2ba889a</title>
      <link>https://vulnerability.circl.lu/sighting/4358a5f9-bd53-4d60-9b21-009be2ba889a/export</link>
      <description>{"uuid": "4358a5f9-bd53-4d60-9b21-009be2ba889a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20339", "type": "seen", "source": "https://t.me/cvedetector/8726", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20339 - Cisco Firepower FTD TLS Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-20339 \nPublished : Oct. 23, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.  \n  \nThis vulnerability is due to an issue that occurs when TLS traffic is processed. An attacker could exploit this vulnerability by sending certain TLS traffic over IPv4 through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition and impacting traffic to and through the affected device. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:54:22.000000Z"}</description>
      <content:encoded>{"uuid": "4358a5f9-bd53-4d60-9b21-009be2ba889a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20339", "type": "seen", "source": "https://t.me/cvedetector/8726", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20339 - Cisco Firepower FTD TLS Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-20339 \nPublished : Oct. 23, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.  \n  \nThis vulnerability is due to an issue that occurs when TLS traffic is processed. An attacker could exploit this vulnerability by sending certain TLS traffic over IPv4 through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition and impacting traffic to and through the affected device. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:54:22.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/4358a5f9-bd53-4d60-9b21-009be2ba889a/export</guid>
      <pubDate>Wed, 23 Oct 2024 19:54:22 +0000</pubDate>
    </item>
    <item>
      <title>65fc7a04-0a48-4d0f-b8b6-376fc7136b36</title>
      <link>https://vulnerability.circl.lu/sighting/65fc7a04-0a48-4d0f-b8b6-376fc7136b36/export</link>
      <description>{"uuid": "65fc7a04-0a48-4d0f-b8b6-376fc7136b36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20337", "type": "seen", "source": "https://t.me/ctinow/204263", "content": "https://ift.tt/KnhEojY\nCVE-2024-20337 Exploit", "creation_timestamp": "2024-03-10T14:16:42.000000Z"}</description>
      <content:encoded>{"uuid": "65fc7a04-0a48-4d0f-b8b6-376fc7136b36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20337", "type": "seen", "source": "https://t.me/ctinow/204263", "content": "https://ift.tt/KnhEojY\nCVE-2024-20337 Exploit", "creation_timestamp": "2024-03-10T14:16:42.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/65fc7a04-0a48-4d0f-b8b6-376fc7136b36/export</guid>
      <pubDate>Sun, 10 Mar 2024 14:16:42 +0000</pubDate>
    </item>
    <item>
      <title>09d998cf-2d0c-4047-a092-5b0905617b03</title>
      <link>https://vulnerability.circl.lu/sighting/09d998cf-2d0c-4047-a092-5b0905617b03/export</link>
      <description>{"uuid": "09d998cf-2d0c-4047-a092-5b0905617b03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20337", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6771", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-20337 POC Cisco Secure Client CRLF RCE and unauthorized remote access to VPN sessions\nURL\uff1ahttps://github.com/swagcraftedd/CVE-2024-20337-POC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-03-10T06:17:24.000000Z"}</description>
      <content:encoded>{"uuid": "09d998cf-2d0c-4047-a092-5b0905617b03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20337", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6771", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-20337 POC Cisco Secure Client CRLF RCE and unauthorized remote access to VPN sessions\nURL\uff1ahttps://github.com/swagcraftedd/CVE-2024-20337-POC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-03-10T06:17:24.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/09d998cf-2d0c-4047-a092-5b0905617b03/export</guid>
      <pubDate>Sun, 10 Mar 2024 06:17:24 +0000</pubDate>
    </item>
    <item>
      <title>5809c553-c10c-42a3-9096-1661807ed29a</title>
      <link>https://vulnerability.circl.lu/sighting/5809c553-c10c-42a3-9096-1661807ed29a/export</link>
      <description>{"uuid": "5809c553-c10c-42a3-9096-1661807ed29a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20337", "type": "seen", "source": "https://t.me/ap_security/495", "content": "#itnews #infosec\n\nCisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0432\u044b\u0441\u043e\u043a\u043e \u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 VPN \u0432 Secure Client\ud83c\udff4\u200d\u2620\ufe0f\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 Secure Client, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f VPN-\u0441\u0435\u0441\u0441\u0438\u0438 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f-\u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043e\u043f\u0438\u0441\u0430\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0434 \u043a\u043e\u0434\u043e\u0432\u044b\u043c \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c CVE-2024-20337 (CVSS score: 8.2), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0443 CRLF\n\n\u0412\u043e\u0437\u043d\u0438\u043a\u0430\u044f \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u043e\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a, \u0447\u0442\u043e\u0431\u044b \u043e\u0431\u043c\u0430\u043d\u043e\u043c \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043f\u043e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0439 \u0441\u0441\u044b\u043b\u043a\u0435 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f VPN-\u0441\u0435\u0441\u0441\u0438\u0438", "creation_timestamp": "2024-03-09T10:21:33.000000Z"}</description>
      <content:encoded>{"uuid": "5809c553-c10c-42a3-9096-1661807ed29a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20337", "type": "seen", "source": "https://t.me/ap_security/495", "content": "#itnews #infosec\n\nCisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0432\u044b\u0441\u043e\u043a\u043e \u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 VPN \u0432 Secure Client\ud83c\udff4\u200d\u2620\ufe0f\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 Secure Client, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f VPN-\u0441\u0435\u0441\u0441\u0438\u0438 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f-\u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043e\u043f\u0438\u0441\u0430\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0434 \u043a\u043e\u0434\u043e\u0432\u044b\u043c \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c CVE-2024-20337 (CVSS score: 8.2), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0443 CRLF\n\n\u0412\u043e\u0437\u043d\u0438\u043a\u0430\u044f \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u043e\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a, \u0447\u0442\u043e\u0431\u044b \u043e\u0431\u043c\u0430\u043d\u043e\u043c \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043f\u043e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0439 \u0441\u0441\u044b\u043b\u043a\u0435 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f VPN-\u0441\u0435\u0441\u0441\u0438\u0438", "creation_timestamp": "2024-03-09T10:21:33.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5809c553-c10c-42a3-9096-1661807ed29a/export</guid>
      <pubDate>Sat, 09 Mar 2024 10:21:33 +0000</pubDate>
    </item>
    <item>
      <title>add79f87-1eac-43b7-b728-90ba7a11de34</title>
      <link>https://vulnerability.circl.lu/sighting/add79f87-1eac-43b7-b728-90ba7a11de34/export</link>
      <description>{"uuid": "add79f87-1eac-43b7-b728-90ba7a11de34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20337", "type": "seen", "source": "Telegram/huaxANwb_3-GYLMpbOhauKE2iba1wUBKyxZrBJOnlk3UGg", "content": "", "creation_timestamp": "2024-03-08T13:17:00.000000Z"}</description>
      <content:encoded>{"uuid": "add79f87-1eac-43b7-b728-90ba7a11de34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20337", "type": "seen", "source": "Telegram/huaxANwb_3-GYLMpbOhauKE2iba1wUBKyxZrBJOnlk3UGg", "content": "", "creation_timestamp": "2024-03-08T13:17:00.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/add79f87-1eac-43b7-b728-90ba7a11de34/export</guid>
      <pubDate>Fri, 08 Mar 2024 13:17:00 +0000</pubDate>
    </item>
    <item>
      <title>aeeb373b-92c6-4ccb-a947-b2a259f6ba81</title>
      <link>https://vulnerability.circl.lu/sighting/aeeb373b-92c6-4ccb-a947-b2a259f6ba81/export</link>
      <description>{"uuid": "aeeb373b-92c6-4ccb-a947-b2a259f6ba81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20337", "type": "seen", "source": "https://t.me/ctinow/203247", "content": "https://ift.tt/EhRZCnd\nCisco patches Secure Client VPN flaw that could reveal authentication tokens (CVE-2024-20337)", "creation_timestamp": "2024-03-08T12:21:34.000000Z"}</description>
      <content:encoded>{"uuid": "aeeb373b-92c6-4ccb-a947-b2a259f6ba81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20337", "type": "seen", "source": "https://t.me/ctinow/203247", "content": "https://ift.tt/EhRZCnd\nCisco patches Secure Client VPN flaw that could reveal authentication tokens (CVE-2024-20337)", "creation_timestamp": "2024-03-08T12:21:34.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/aeeb373b-92c6-4ccb-a947-b2a259f6ba81/export</guid>
      <pubDate>Fri, 08 Mar 2024 12:21:34 +0000</pubDate>
    </item>
    <item>
      <title>716830e4-a1bf-4889-af33-8b2b2566d899</title>
      <link>https://vulnerability.circl.lu/sighting/716830e4-a1bf-4889-af33-8b2b2566d899/export</link>
      <description>{"uuid": "716830e4-a1bf-4889-af33-8b2b2566d899", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20337", "type": "seen", "source": "https://t.me/thehackernews/4657", "content": "\ud83d\udea8 Cisco issued patches for a high-severity flaw (CVE-2024-20337) in Secure Client software on Windows, Linux, and macOS. Attackers could hijack VPN sessions. \n \nCheck and update now: https://thehackernews.com/2024/03/cisco-issues-patch-for-high-severity.html", "creation_timestamp": "2024-03-08T10:07:10.000000Z"}</description>
      <content:encoded>{"uuid": "716830e4-a1bf-4889-af33-8b2b2566d899", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20337", "type": "seen", "source": "https://t.me/thehackernews/4657", "content": "\ud83d\udea8 Cisco issued patches for a high-severity flaw (CVE-2024-20337) in Secure Client software on Windows, Linux, and macOS. Attackers could hijack VPN sessions. \n \nCheck and update now: https://thehackernews.com/2024/03/cisco-issues-patch-for-high-severity.html", "creation_timestamp": "2024-03-08T10:07:10.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/716830e4-a1bf-4889-af33-8b2b2566d899/export</guid>
      <pubDate>Fri, 08 Mar 2024 10:07:10 +0000</pubDate>
    </item>
    <item>
      <title>7f82b8be-7adc-477c-b8ad-5df1a4b9a9e7</title>
      <link>https://vulnerability.circl.lu/sighting/7f82b8be-7adc-477c-b8ad-5df1a4b9a9e7/export</link>
      <description>{"uuid": "7f82b8be-7adc-477c-b8ad-5df1a4b9a9e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20337", "type": "seen", "source": "https://t.me/KomunitiSiber/1606", "content": "Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client\nhttps://thehackernews.com/2024/03/cisco-issues-patch-for-high-severity.html\n\nCisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user.\nThe networking equipment company described the vulnerability, tracked as CVE-2024-20337 (CVSS score: 8.2), as allowing an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF", "creation_timestamp": "2024-03-08T10:07:09.000000Z"}</description>
      <content:encoded>{"uuid": "7f82b8be-7adc-477c-b8ad-5df1a4b9a9e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20337", "type": "seen", "source": "https://t.me/KomunitiSiber/1606", "content": "Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client\nhttps://thehackernews.com/2024/03/cisco-issues-patch-for-high-severity.html\n\nCisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user.\nThe networking equipment company described the vulnerability, tracked as CVE-2024-20337 (CVSS score: 8.2), as allowing an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF", "creation_timestamp": "2024-03-08T10:07:09.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7f82b8be-7adc-477c-b8ad-5df1a4b9a9e7/export</guid>
      <pubDate>Fri, 08 Mar 2024 10:07:09 +0000</pubDate>
    </item>
  </channel>
</rss>
