Security News > 2024 > August > Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control
2024-08-22 16:13
Details have emerged about a China-nexus threat group's exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliance and evade detection. The activity, attributed to Velvet Ant, was observed early this year and involved the weaponization of CVE-2024-20399 (CVSS score: 6.0) to deliver bespoke malware and gain extensive control
News URL
https://thehackernews.com/2024/08/chinese-hackers-exploit-zero-day-cisco.html
Related news
- Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs (source)
- Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs (source)
- North Korean hackers exploit Chrome zero-day to deploy rootkit (source)
- North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit (source)
- Chinese Hackers Exploit Visual Studio Code in Southeast Asian Cyberattacks (source)
- Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware (source)
- Windows driver zero-day exploited by Lazarus hackers to install rootkit (source)
- Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America (source)
- Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor (source)
- Hackers use PHP exploit to backdoor Windows systems with new malware (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-01 | CVE-2024-20399 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific configuration CLI commands. | 6.7 |