Advertisement
Python253

cve_2023_20198_cisco_ios_xe

Apr 8th, 2024
852
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 3.78 KB | None | 0 0
  1. #!/usr/bin/env python3
  2. # -*- coding: utf-8 -*-
  3. # Filename: cve_2023_20198_cisco_ios_xe.py
  4. # Version: 1.0.0
  5. # Author: Jeoi Reqi
  6. # Vulnerability Source: https://nvd.nist.gov/vuln/detail/CVE-2023-20198
  7.  
  8. """
  9. Description:
  10. This script checks for the presence of vulnerable software configurations on the user's machine
  11. in relation to the CVE-2023-20198 vulnerability. It compares the list of installed software on
  12. the system with a predefined list of vulnerable software configurations associated with the CVE.
  13. If any vulnerable software configurations are found, it displays a warning message to prompt
  14. the user to take immediate action to mitigate the vulnerability.
  15.  
  16. Requirements:
  17. - Python 3.x: The script is written in Python 3 and requires a Python interpreter of version 3 or higher to run.
  18. - WMI Module: The script uses the WMI module to interact with the Windows Management Instrumentation (WMI) API
  19.  to retrieve a list of installed software on a Windows system. Ensure that the WMI module is installed.
  20.  You can install it using pip: `pip install WMI`.
  21.  
  22. Usage:
  23. 1. Ensure Python 3.x is installed on your system.
  24. 2. Install the WMI module by running `pip install WMI`.
  25. 3. Run the script using the command `python cve_2023_20198.py`.
  26. 4. The script will verify if any vulnerable software configurations are installed on your machine and
  27.   provide instructions for mitigation if necessary.
  28.  
  29. Functions:
  30. - get_installed_software(): Retrieves a list of installed software on the user's machine using the WMI module.
  31. - check_for_vulnerabilities(): Compares the list of installed software with a predefined list of vulnerable
  32.  software configurations and displays a warning message if any vulnerable software configurations are found.
  33.  
  34. Important Notes:
  35. - The predefined list of vulnerable software configurations in this script corresponds to the CVE-2023-20198 vulnerability.
  36. - The script only supports Windows systems due to its dependency on the WMI module for retrieving installed software information.
  37. """
  38.  
  39. import wmi
  40.  
  41. # List of vulnerable software configurations
  42. vulnerable_software = [
  43.     "Cisco IOS XE 16.12",
  44.     "Cisco IOS XE 17.3",
  45.     "Cisco IOS XE 17.6",
  46.     "Cisco IOS XE 17.9"
  47. ]
  48.  
  49. def get_installed_software():
  50.     """
  51.    Retrieves a list of installed software on the user's machine using the WMI module.
  52.    
  53.    Returns:
  54.        list: A list containing the names of installed software.
  55.    """
  56.     c = wmi.WMI()
  57.     installed_software = []
  58.     for item in c.Win32_Product():
  59.         installed_software.append(item.Caption)
  60.     return installed_software
  61.  
  62. def check_for_vulnerabilities():
  63.     """
  64.    Compares the list of installed software with a predefined list of vulnerable software configurations
  65.    and displays a warning message if any vulnerable software configurations are found.
  66.    """
  67.     installed_software = get_installed_software()
  68.     vulnerable_installed = [software for software in installed_software if software in vulnerable_software]
  69.     if vulnerable_installed:
  70.         print("\nWarning:\nThe following vulnerable software configurations are installed on your machine:")
  71.         for software in vulnerable_installed:
  72.             print("- " + software)
  73.         print("\nPlease take immediate action to verify compliance with BOD 23-02 & apply mitigations per vendor instructions.\nFor affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks):\nfollow vendor instructions to determine if a system may have been compromised & immediately report positive findings to CISA.\n")
  74.     else:
  75.         print("\nAll clear!\nNone of the vulnerable software configurations are installed on your machine.\n")
  76.  
  77. if __name__ == "__main__":
  78.     print("Verifying vulnerable software configurations...")
  79.     check_for_vulnerabilities()
  80.  
  81.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement