Security News > 2024 > July > Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware
2024-07-02 04:48
A China-nexus cyber espionage group named Velvet Ant has been observed exploiting a zero-day flaw in Cisco NX-OS Software used in its switches to deliver malware. The vulnerability, tracked as CVE-2024-20399 (CVSS score: 6.0), concerns a case of command injection that allows an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected
News URL
https://thehackernews.com/2024/07/chinese-hackers-exploiting-cisco.html
Related news
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- Ivanti zero-day attacks infected devices with custom malware (source)
- US Treasury hack linked to Silk Typhoon Chinese state hackers (source)
- Russia-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware (source)
- FBI wipes Chinese PlugX malware from over 4,000 US computers (source)
- FBI deletes Chinese PlugX malware from thousands of US computers (source)
- FBI wipes Chinese PlugX malware from thousands of Windows PCs in America (source)
- Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer (source)
- US sanctions Chinese firm, hacker behind telecom and Treasury hacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-01 | CVE-2024-20399 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. | 6.7 |