Cisco has recently released security updates to address a critical vulnerability (CVE-2024-20399) in its Cisco NX-OS software. This vulnerability is actively being exploited and could allow an authenticated local attacker with administrator credentials to run arbitrary commands with root privileges on the underlying operating system.
The affected Cisco switches include MDS 9000 Series Multilayer Switches, Nexus 3000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, and Nexus 9000 Series Switches in Standalone NX-OS Mode. Users and administrators using these vulnerable versions are strongly advised to update to the latest version immediately.
To determine if devices on their network are at risk, administrators can use the Cisco Software Checker page: https://sec.cloudapps.cisco.com/security/center/softwarechecker.x. It’s crucial for administrators to regularly monitor and update the credentials of the network-admin and vdc-admin administrative users to enhance security measures.
For more information on this security advisory and to access the latest updates, users can visit: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmd-injection-nxos-xD9OhyOP. Cisco is diligently working to provide necessary patches and updates to address this vulnerability and secure affected systems.
Article Source
https://www.csa.gov.sg/alerts-advisories/alerts/2024/al-2024-077