SSL VPN Vulnerability: Exploitation Timeline & Takeover Risks #shorts

Basically if you abuse this vulnerability you can take over SLB GAN sessions. So again here's more timeline to showcase when was first um compromise detected when was a bolton release stuff like that. So on the left we can see from Arctic Wolf on the 16th November 2024 uh we saw they saw first probing for this vulnerability. So Fred actor was probing was checking of if some device are vulnerable. It was no exploitation yet, just probing. Um, some weeks later, we had some first exploitations on the 4th of December. And roughly one month later, we had a public adversary advisory from 40 gate detailing this vulnerability, offering a patch. Now, again, guys from Watchtower, they're pretty quick. They took a look

at this advisory, did some patch diffing, stuff like that, and came up with POC. they released it and mass exploitation shortly followed. Now again here we have a bit other dates but as you can see like from advisory to the pock it's like roughly two weeks and we have two months from the first wans to the advisory. Three.