CVE-2023-35170

CVE-2023-35170

Sliver is an open source cross-platform adversary emulation/red team framework. The cryptography implementation in Sliver up to and including version 1.5.39 allows a man in the middle (MitM) attack with access to the corresponding implant binary to execute arbitrary codes on implanted devices via intercepted and crafted responses. A successful attack grants the attacker permission to execute arbitrary code on the implanted device. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Source: CVE-2023-35170

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다