CVE-2024-20338 PoC — Cisco Secure Client Security Vulnerability

Source
Associated Vulnerability
Title: Cisco Secure Client Security Vulnerability (CVE-2024-20338)
Description: A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to the use of an uncontrolled search path element. An attacker could exploit this vulnerability by copying a malicious library file to a specific directory in the filesystem and persuading an administrator to restart a specific process. A successful exploit could allow the attacker to execute arbitrary code on an affected device with root privileges.
Description
CVE-2024-20338 talk for Behind The Code Talk
Readme
## [CVE-2024-20338 advisory](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-privesc-sYxQO6ds)

This repository contains demo files for my talk at Behind The Code conference in Limassol.

# Disclaimer
All these materials are provided as is and are intended only for educational purposes. The author has no responsibility for any malicious actions made by someone else.
The author supports responsible disclosure and encourages others to do the same.

File Snapshot

[4.0K] /data/pocs/e958db978626e6dc4785de7e19e81e1404523d81
├── [ 114] cleanup.sh
├── [1.8K] CVE-2024-20338.sh
├── [ 753] example-app-exploit.sh
├── [ 348] fake.c
├── [ 62] lib.c
├── [ 490] README.md
├── [4.0K] videos
│   ├── [4.1M] demo1.mp4
│   └── [1.9M] demo2.mp4
└── [ 251] vulnerable.c

1 directory, 9 files