Security News > 2024 > July > Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware
2024-07-02 04:48
A China-nexus cyber espionage group named Velvet Ant has been observed exploiting a zero-day flaw in Cisco NX-OS Software used in its switches to deliver malware. The vulnerability, tracked as CVE-2024-20399 (CVSS score: 6.0), concerns a case of command injection that allows an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected
News URL
https://thehackernews.com/2024/07/chinese-hackers-exploiting-cisco.html
Related news
- U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls (source)
- Chinese hackers use Visual Studio Code tunnels for remote access (source)
- Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection (source)
- North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign (source)
- White House links ninth telecom breach to Chinese hackers (source)
- Chinese hackers targeted sanctions office in Treasury attack (source)
- US sanctions Chinese company linked to Flax Typhoon hackers (source)
- Chinese hackers also breached Charter and Windstream networks (source)
- Ivanti zero-day attacks infected devices with custom malware (source)
- US Treasury hack linked to Silk Typhoon Chinese state hackers (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-01 | CVE-2024-20399 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. | 6.7 |