CVE-2024-20338 PoC — Cisco Secure Client 安全漏洞

Source

https://github.com/annmuor/CVE-2024-20338

Associated Vulnerability

Title:Cisco Secure Client 安全漏洞 (CVE-2024-20338)
Description:Cisco Secure Client是美国思科（Cisco）公司的一个用于连接虚拟专用网络的软件。 Cisco Secure Client 存在安全漏洞，该漏洞源于 ISE Posture (System Scan) 模块中存在漏洞，可能允许经过身份验证的本地攻击者提升受影响设备上的权限。

Description

CVE-2024-20338 talk for Behind The Code Talk

Readme

## [CVE-2024-20338 advisory](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-privesc-sYxQO6ds)

This repository contains demo files for my talk at Behind The Code conference in Limassol.

# Disclaimer
All these materials are provided as is and are intended only for educational purporses. Author have no responsibility for any malicious actions made by someone else.
Author supports responsive disclosure and encourages others to do the same.

File Snapshot


 [4.0K]  /data/pocs/e958db978626e6dc4785de7e19e81e1404523d81
├── [ 114]  cleanup.sh
├── [1.8K]  CVE-2024-20338.sh
├── [ 753]  example-app-exploit.sh
├── [ 348]  fake.c
├── [  62]  lib.c
├── [ 490]  README.md
├── [4.0K]  videos
│   ├── [4.1M]  demo1.mp4
│   └── [1.9M]  demo2.mp4
└── [ 251]  vulnerable.c

1 directory, 9 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!