Security News > 2024 > August > Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control
2024-08-22 16:13
Details have emerged about a China-nexus threat group's exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliance and evade detection. The activity, attributed to Velvet Ant, was observed early this year and involved the weaponization of CVE-2024-20399 (CVSS score: 6.0) to deliver bespoke malware and gain extensive control
News URL
https://thehackernews.com/2024/08/chinese-hackers-exploit-zero-day-cisco.html
Related news
- Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs (source)
- Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs (source)
- North Korean hackers exploit Chrome zero-day to deploy rootkit (source)
- North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit (source)
- Chinese APT40 group swifly leverages public PoC exploits (source)
- Chinese APT40 hackers hijack SOHO routers to launch attacks (source)
- Hackers use PoC exploits in attacks 22 minutes after release (source)
- Cisco SSM On-Prem bug lets hackers change any user's password (source)
- Critical Cisco bug lets hackers add root users on SEG devices (source)
- Chinese Hackers Target Taiwan and U.S. NGO with MgBot and MACMA Malware (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-01 | CVE-2024-20399 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. | 6.7 |