Alarm bells ring over Cisco Nexus devices zero-day despite low CVSS score – TechCentral.ie
A threat actor linked to China is exploiting a zero-day vulnerability in Cisco NX-OS software. Known as Velvet Ant, the actor is targeting a command injection vulnerability affecting various Cisco Nexus devices. The vulnerability, CVE-2024-20399, has a CVSS score of 6.0, with the threat actor deploying custom malware. Sygnia researchers uncovered the exploit during an … Read more