The following enhancements and improvements are now available to Censys ASM and Search customers.
Rapid Response
The Censys Rapid Response team published information about and queries for the following issues and vulnerabilities:
- Microsoft Windows IPv6 TCP/IP RCE (CVE-2024-38063)
- To identify potentially vulnerable non-hosted Windows systems for CVE-2024-38063, you can use the same Censys queries that were shared to track CVE-2024-38077:
- Censys Search Query: services.parsed.dcerpc.endpoints.explained_uuid=”3d267954-eeb7-11d1-b94e-00c04fa3080d v1.0″
- Censys ASM Query: host.services.parsed.dcerpc.endpoints.explained_uuid=”3d267954-eeb7-11d1-b94e-00c04fa3080d v1.0″
- Censys ASM Risk Query: risks.name=”Windows Remote Desktop Licensing Service RCE Vulnerability eCVE-2024-38077]”
- To identify potentially vulnerable non-hosted Windows systems for CVE-2024-38063, you can use the same Censys queries that were shared to track CVE-2024-38077:
New Fingerprints
Added the following fingerprints:
| Type | Name | Description | Query |
| software | BrainBoxes Ethernet to Serial | This is a BrainBoxes Ethernet to Serial Device. | Search: services.software: (vendor='BrainBoxes' and product=`Ethernet to Serial`) |
| software | WatchGuard | This is a device running WatchGuard Fireware OS. | Search: services.software: (vendor:'Watchguard' and product:'FireWare') |
| software | WatchGuard Fireware XTM OS | This is a WatchGuard Firewall Device running the XTM OS. | Search: services.software: (vendor:'Watchguard' and product:'FireWare XTM') |
| software | WatchGuard Firewall Implied Device | This is an implied WatchGuard Firewall Device. | Search: services.software: (vendor='WatchGuard' and NOT product:*) |
