HomeRisk ManagementsCisco Patches an Exploited Zero-Day Vulnerability from databreachtoday.com

Cisco Patches an Exploited Zero-Day Vulnerability from databreachtoday.com

Published on

spot_img

In a recent cyber attack development, China-nexus hackers, known as Velvet Ant, were able to exploit a zero-day vulnerability in Cisco’s NX-OS software back in April. This allowed the hackers to execute arbitrary commands on compromised devices, posing a significant threat to cybersecurity.

Cisco addressed this critical issue on Monday by releasing a patch for the zero-day vulnerability. The discovery of this exploit was credited to cybersecurity firm Sygnia, who identified the remote connection made by Velvet Ant to the NX-OS software used in Cisco switches. The hacker group was able to execute malicious code, gaining root access to the compromised devices.

The vulnerability, tracked as CVE-2024-20399, enabled authenticated local attackers to run commands as root, highlighting the severity of the flaw. This type of command injection vulnerability can be particularly dangerous as it allows attackers to execute commands without triggering system syslog messages, making it challenging to detect malicious activities.

Despite the potential for code execution and the prevalence of Cisco Nexus switches in enterprise environments, the vulnerability is rated relatively low on the Common Vulnerability Scoring System (CVSS) scale. The reason for this lower rating is the requirement for attackers to already have admin credentials and specific command configurations to successfully exploit the vulnerability. Additionally, most Nexus switches are not directly exposed to the internet, further limiting the threat surface for potential attacks.

However, this incident underscores the trend of sophisticated threat groups leveraging network appliances, like switches, to maintain persistent access within corporate networks. Network appliances are often overlooked in terms of security measures, making them attractive targets for cybercriminals seeking to infiltrate organizations.

In a related incident, the same threat actor used outdated F5 BIG-IP appliances to deploy custom malware and steal sensitive data from an East Asian company. The malicious campaign went undetected for three years, underscoring the need for increased vigilance and proactive security measures within organizations.

To mitigate the risk posed by this zero-day vulnerability, Cisco recommends that companies update their admin credentials and closely monitor network activity. Admins can also utilize Cisco’s software checker page to assess their devices’ exposure and take necessary precautions to prevent potential attacks.

Overall, the exploitation of this zero-day vulnerability by China-nexus hackers highlights the ongoing threat of cyber attacks and the importance of robust security practices to safeguard against advanced threats in today’s digital landscape.

Source link

Latest articles

Microsoft SharePoint RCE Under Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has amplified concerns regarding a notable...

Armored Likho APT Targets Government and Power Sector with BusySnake Stealer Deployment

Emerging Phishing Campaign Unveils New Threat: Armored Likho A newly discovered advanced persistent threat (APT),...

Governance in the Era of AI: Finding One’s Way Through the Mirror Maze

Security Leaders Urged to Establish Guidelines and Embrace AI Opportunities By Moona Ederveen-Schneider July 2, 2026 In...

Interpol-Inspired Ransomware Attack Aims at SMBs

Ransomware Campaign Targets Small Businesses Worldwide Using Fake Interpol Emails A troubling ransomware campaign has...

More like this

Microsoft SharePoint RCE Under Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has amplified concerns regarding a notable...

Armored Likho APT Targets Government and Power Sector with BusySnake Stealer Deployment

Emerging Phishing Campaign Unveils New Threat: Armored Likho A newly discovered advanced persistent threat (APT),...

Governance in the Era of AI: Finding One’s Way Through the Mirror Maze

Security Leaders Urged to Establish Guidelines and Embrace AI Opportunities By Moona Ederveen-Schneider July 2, 2026 In...