Security News > 2024 > August > Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control
2024-08-22 16:13
Details have emerged about a China-nexus threat group's exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliance and evade detection. The activity, attributed to Velvet Ant, was observed early this year and involved the weaponization of CVE-2024-20399 (CVSS score: 6.0) to deliver bespoke malware and gain extensive control
News URL
https://thehackernews.com/2024/08/chinese-hackers-exploit-zero-day-cisco.html
Related news
- U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls (source)
- Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet (source)
- Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025 (source)
- U.S. org suffered four month intrusion by Chinese hackers (source)
- Chinese hackers use Visual Studio Code tunnels for remote access (source)
- Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection (source)
- Hackers exploit DoS flaw to disable Palo Alto Networks firewalls (source)
- White House links ninth telecom breach to Chinese hackers (source)
- Hackers exploit Four-Faith router flaw to open reverse shells (source)
- Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-01 | CVE-2024-20399 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. | 6.7 |