RedTeam Tips: Exploiting Cisco Anyconnect CVE-2023-20178

Рет қаралды 2,083

Күн бұрын

"Explore a step-by-step demonstration of the recent CVE-2023-20178, a privilege escalation vulnerability in Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows. We delve into how a low-privileged, authenticated, local attacker could exploit this vulnerability to gain SYSTEM privileges. We'll highlight the improper permissions assigned to a temporary directory created during the client update process and demonstrate how this can be exploited by abusing a specific function of the Windows installer process.
Note: This video is purely educational, designed to raise awareness and improve security measures. Cisco has already released free software updates addressing this vulnerability. Please ensure you're using a fixed software release, such as 4.10MR7 or 5.0MR2, for the respective software."

Пікірлер: 7

@godzab Жыл бұрын

I just want to say, keep up the great work. It's extremely relevant, and I enjoy watching the PoC's shown.

@CyberAttackDefense Жыл бұрын

Thanks for watching!

@abedsidani6419 Жыл бұрын

Can someone explain how do I make the files provided into an executable? Shouldnt i use Visual Studio?

@CyberAttackDefense Жыл бұрын

Yes visual studio

@abedsidani6419 Жыл бұрын

Can u guide me more? What file exactly should i run... or how do i open the whole program?

@abedsidani6419 Жыл бұрын

@@CyberAttackDefense the code is running and when i connect to vpn nothing happens, should i change anything with the paths in main.cpp? Or leave them as is?

@CyberAttackDefense Жыл бұрын

@@abedsidani6419 Make sure it’s a vulnerable version