Merge pull request #680 from DIVD-NL/cisco-ios-remediation

Cert-at remediation steps
DIVD-NL · Oct 18, 2023 · 376e9cb · 376e9cb
2 parents d7193ea + d3314cd
commit 376e9cb
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/_cases/2023/DIVD-2023-00038.md b/_cases/2023/DIVD-2023-00038.md
@@ -38,7 +38,8 @@ On October 16th, Cisco disclosed an authentication bypass vulnerability affectin
 
 ## Recommendations
 
-No patch is currently available, therefore disable HTTP(S) access to any management interfaces if possible. If HTTP(S) access is required, implement an Access Control List to limit access.
+Given that no patch is yet available, disable HTTP(S) access to any management interfaces if possible. If HTTP(S) access is required, implement an Access Control List to limit access.
+If your appliance contains an implant, the steps to remediate are rebooting the appliance to neutralize the implant, disabling http(s)-server and removing any privileged accounts in that order.
 
 ## What we are doing