The following enhancements and improvements are now available to Censys ASM and Search customers.
Censys Search
- Quickly identify vulnerable hosts and exposures using the following enhancements for CVE Context in the Censys Search UI:
  - Filters in search results: Filter by CVE ID, CVSS Scores, and CISA’s KEV catalog in the left navigation panel.
  - CVE count in host record preview: See the total number of CVEs for a host at a glance in the host record preview in search results.
  - CVE tab and page on host records: View the total number of CVEs associated with a host record via the new CVEs tab. Click this tab to see detailed information about all CVEs detected on a host, sorted by CVSS score and KEV catalog status.
- This added visibility in the Search web interface complements the CVE context that was already available in the raw data and via API.
- The CVE Context dataset is only available to customers who have purchased the add-on for this data. Contact your Censys account team to learn more about acquiring access to this dataset.
Rapid Response
The Censys Rapid Response team published information about and queries for the following issues and vulnerabilities:
- Versa Director Dangerous File Type Upload Vulnerability [CVE-2024-39717]
  - To identify potentially all Versa Director instances (versions cannot be detected), the following Censys queries can be used:
    - Censys Search Query: services.software: (vendor: Versa and product: Director)
    - Censys ASM query: host.services.software: (vendor: Versa and product: Director) or web_entity.instances.software: (vendor: Versa and product: Director)
- Progress WhatsUp Gold GetFileWithoutZip Unauthenticated RCE [CVE-2024-4885]
  - To identify potentially vulnerable Progress WhatsUp Gold instances (please note that not all instances advertise their versions), the following Censys queries can be used:
    - Censys Search Query: services.software: (vendor: "Progress" and product: "WhatsUp Gold")
    - Censys ASM query: host.services.software: (vendor: "Progress" and product: "WhatsUp Gold") or web_entity.instances.software: (vendor: "Progress" and product: "WhatsUp Gold")
- Moodle Calculated Questions RCE [CVE-2024-43425]
  - To identify potentially vulnerable Moodle instances (the majority do not show their version), the following Censys queries can be used:
    - Censys Search Query: services.software.product: Moodle
    - Censys ASM Query: host.services.software.product: Moodle or web_entity.instances.software.product: Moodle
    - Censys ASM Risk Query: risks.name: "Moodle RCE Vulnerability [CVE-2024-43425]"
New Fingerprints
Added the following fingerprints:
Type | Name | Description | Query |
software | 7777 Botnet | This is a 7777 Botnet victim. | |
software | Cisco Smart Software Manager | This is a Cisco Smart Software Manager Server. | |
software | EHR System Jade | Jade EHR system. | |
software | Mediscan | Mediscan PACs service. | |
software | mGuard | This is an mGuard Server. | |
software | Moodle | This is a Moodle Server. | |
software | Network Thermostat | This service provides access to a network thermostat. | |
software | Progress WhatsUp Gold | This is a Progress WhatsUp Gold Server. | |
software | Mobile Security Framework (MobSF) | This is a Mobile Security Framework (MobSF) Server. | |
software | Versa Director | This is a Versa Director Server. | |
software | Versa Analytics | This is a Versa Analytics Server. | |
risk | Mobile Security Framework RCE Vulnerability [CVE-2024-43399] | This is a Mobile Security Framework instance vulnerable to an RCE exploit. | |
risk | Moodle RCE Vulnerability [CVE-2024-43425] | This is a Moodle instance vulnerable to an RCE exploit. | |